Regtech firm SlowMist noted that recently, the NPM ecosystem experienced another large-scale package poisoning incident.
How-To Geek on MSN
NPM packages are infected with malware, again
Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a ...
A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised ...
Shai Hulud's automated and aggressive upgrade is spawning more than 1,000 malicious npm repositories every 30 minutes, ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows ...
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to ...
The Shai-Hulud supply chain attack campaign, responsible for compromising hundreds of CrowdStrike’s NPM packages in September ...
New variant executes malicious code during preinstall, significantly increasing potential exposure in build and runtime ...
Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...
Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...
A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback