Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, ...
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials ...
How-To Geek on MSN
NPM packages are infected with malware, again
Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a ...
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows ...
"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
The Register on MSN
Shai-Hulud worm returns, belches secrets to 25K GitHub repos
Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days A self-propagating malware targeting node package managers (npm) is back for a second round ...
A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised ...
Cybercriminals continue to sneak malicious repositories onto GitHub. Typosquatting, dependency confusion, and other types of cyberattacks precipitated through malicious packages are old and common ...
Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store stolen Base64-encrypted SSH keys taken from developer systems. These ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback