Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
The Register on MSN
PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle
Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm compromise was "the largest and most impactful security incident" it's ever ...
The Register on MSN
Shai-Hulud worm returns, belches secrets to 25K GitHub repos
Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days A ...
The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
North Korean attackers have delivered more than 197 malicious packages as part of ongoing state-sponsored activity to ...
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to ...
The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback