OpenSearch npm package hit by supply chain worm
The OpenSearch JavaScript client versions 3.5.3 through 3.8.0 were compromised in the sophisticated "Mini Shai-Hulud" supply chain attack. Orchestrated by the TeamPCP group, the worm hijacks legitimate GitHub Actions pipelines to steal OIDC tokens and includes a retaliatory wiper routine that destroys a developer's home directory if credentials are revoked.
Mini Shai-Hulud is a notable step up in supply chain attacks: it shows that a package carrying SLSA Build Level 3 provenance can still be poisoned at the source, because provenance attests where and how an artifact was built, not that the pipeline producing it was uncompromised. The attackers abused pull_request_target triggers and cache poisoning to mint OIDC tokens, sidestepping the long-lived npm API keys that Trusted Publishing was meant to replace. The dead-man's-switch logic changes the remediation order: revoking credentials first can trip the wiper, so maintainers should isolate (and ideally image) affected developer machines before rotating tokens. Persistence mechanisms aimed at Claude Code and VS Code show a deliberate focus on the local developer environment, not just the registry. Smuggling the payload through the Bun runtime and exfiltrating over the decentralized Session Protocol are evasion choices against EDR and network filtering. The breach confirms that Trusted Publishing is only as strong as the CI provider's trust model: once the pipeline can be made to run attacker code, the short-lived OIDC token it mints is a fully valid publishing credential.
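The first check a consumer wants is whether any install, including transitive ones, falls in the reported range. The following is an added example (not the article's or the OpenSearch project's own code): a Node script that walks a package-lock.json and flags installs of the client between 3.5.3 and 3.8.0, treating both ends as inclusive since the article says "through". It assumes the client is published on npm as @opensearch-project/opensearch; the embedded sample lockfile is constructed for illustration.

```javascript
// Added example, not from the article: scan an npm package-lock.json (v2/v3
// "packages" map) for installs of the OpenSearch JS client in the version range
// the article reports as compromised (3.5.3 through 3.8.0, inclusive).
// Assumption: the client ships on npm as "@opensearch-project/opensearch".
const PACKAGE_NAME = "@opensearch-project/opensearch";
const AFFECTED_MIN = "3.5.3";
const AFFECTED_MAX = "3.8.0";

// Parse "MAJOR.MINOR.PATCH" (any pre-release/build suffix is ignored) into numbers.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Numeric, component-wise comparison so that 3.10.0 sorts after 3.9.0.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

function isAffected(version) {
  return compareVersions(version, AFFECTED_MIN) >= 0 &&
         compareVersions(version, AFFECTED_MAX) <= 0;
}

// Return every install path in the lockfile that resolves to an affected version.
// Nested installs (node_modules/x/node_modules/@opensearch-project/opensearch)
// are caught too, because the key suffix identifies the package.
function findAffected(lock) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!path.endsWith(`node_modules/${PACKAGE_NAME}`)) continue;
    if (entry && entry.version && isAffected(entry.version)) {
      hits.push({ path, version: entry.version });
    }
  }
  return hits;
}

// Constructed sample lockfile (not real data): a clean root install plus one
// affected transitive install pulled in by a dependency.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@opensearch-project/opensearch": { version: "3.5.2" },
    "node_modules/some-lib": { version: "2.0.0" },
    "node_modules/some-lib/node_modules/@opensearch-project/opensearch": { version: "3.7.1" },
  },
};

// Stand-alone use: `node scan.js path/to/package-lock.json`; with no argument the
// constructed sample is scanned. Guarded so the file also loads under ESM.
if (typeof require !== "undefined" && require.main === module) {
  const fs = require("fs");
  const file = process.argv[2];
  const lock = file ? JSON.parse(fs.readFileSync(file, "utf8")) : SAMPLE_LOCK;
  const hits = findAffected(lock);
  if (hits.length === 0) {
    console.log("no affected versions found");
  } else {
    for (const h of hits) console.log(`AFFECTED ${h.version} at ${h.path}`);
    process.exitCode = 1;
  }
}
```

A non-zero exit on a hit makes the script usable as a CI gate. Remember the remediation caveat from the article: on a developer machine that may already be running the worm, confirm exposure and isolate the host before rotating any credentials.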
DISCOVERED
2026-05-15
PUBLISHED
2026-05-15
AUTHOR
The PrimeTime