// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-wedgDTG 0600Z
ColdRecon / Breach Radar / CrowdStrike
Breach Record

CrowdStrike

DISCLOSED 2025-09-16 · SUPPLY CHAIN

Multiple npm packages published by CrowdStrike were compromised in an ongoing supply chain attack linked to the Shai-Halud campaign. The malicious packages contained a script that downloads TruffleHog to steal secrets and creates unauthorized GitHub Actions workflows for persistence. CrowdStrike confirmed the Falcon sensor and platform are not impacted.

The record

What we know

Disclosed
2025-09-16
Attack vector
Supply Chain
Sources

Cited reporting

Similar vector · recent

Other supply chain breaches on file

This page is the permanent ColdRecon entry for the CrowdStrike disclosure. It updates if new public reporting emerges. All tracked breaches →

CrowdStrike just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →