Home / Security updates / Datadog's Response to Shai-Hulud Worm Campaign
Datadog's Response to Shai-Hulud Worm Campaign
Security updates detail rendered from /security-updates/upd_0ab4ebf724e221db.
Overview
| ID | upd_0ab4ebf724e221db |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Datadog |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_0ab4ebf724e221db |
| providerId | safebase |
| organizationId | org_69291cebe8d5d66e |
| trustCenterId | tc_3aed993e7dda3cf3 |
| title | Datadog's Response to Shai-Hulud Worm Campaign |
| message | Since the Shai-Hulud worm campaign affecting NPM packages began in September 2025, we have been assessing our own environment for impact and have confirmed that Datadog has not been impacted by the initial iteration nor the most recent [Shai-Hulud 2.0 worm campaign](https://securitylabs.datadoghq.com/articles/shai-hulud-2.0-npm-worm/). We have implemented detections for the worm, and are continuously monitoring for infected packages and reviewing potential usage at Datadog. Independent of this campaign, Datadog also [proactively monitors](https://www.datadoghq.com/blog/detecting-leaked-credentials/) for exposure of customer Datadog credentials, such as API and Application keys, and notifies impacted customers. |
| url | - |
| publishedAt | 2025-11-26 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_69291cebe8d5d66e",
"name": "Datadog",
"domains": [
"trust.datadoghq.com",
"datadoghq.com"
]
} |
| trust_center | {
"id": "tc_3aed993e7dda3cf3",
"name": "Datadog",
"url": "https://trust.datadoghq.com",
"host": "trust.datadoghq.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_0ab4ebf724e221db",
"company": "/v1/companies/org_69291cebe8d5d66e",
"trust_center": "/v1/trust-centers/tc_3aed993e7dda3cf3",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_0ab4ebf724e221dbJSON