CyberScoop

Mini Shai-Hulud returns, compromising hundreds of npm packages (opens in new tab)

Covers 2 stories See all stories this covers including Active Supply Chain Attack Compromises @antv Packages on npmCovered by kite.kagi.com, Metacurity

Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines. The post Mini Shai-Hulud returns, compromising hundreds of npm packages appeared first on CyberScoop.

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 2 articles

Metacurity·

GitHub says malicious VS Code extension compromised 3,800 internal repositories

Feeds

In other languages

kite.kagi.com·

Mini Shai-Hulud 웜, 수백 개의 npm 패키지 감염

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help