npm Package Uses Prompt Injection and Token Flooding to Disrupt AI Malware Scanners
npm package 'shai_hulululud' targets AI malware scanners with prompt injection and token flooding.
Summary
A new npm package, 'shai_hulululud', has been identified that appears designed to evade AI-based malware scanners. It employs techniques like prompt injection within comments, safety-triggering content, and extensive token flooding to disrupt AI analysis. While not carrying a traditional credential-stealing payload, this 'protestware' demonstrates how attackers are adapting to AI-assisted dependency scanning by targeting the scanners themselves as an attack surface.
Full text
Research/Security NewsGlassWASM: WebAssembly Malware Found in Trojanized Open VSX ExtensionsThe trojanized extensions use TinyGo-compiled WebAssembly and Solana transaction memos to resolve command-and-control infrastructure.By Joseph Edwards - Jun 15, 2026