"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...
Shai Hulud malware has infected hundreds of NPM libraries, including major ENS and crypto packages, triggering a JavaScript ...
Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...
Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
A popular JavaScript cryptography library is vulnerable in a way which could allow threat actors to break into user accounts.
The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, ...
A vulnerability in the 'node-forge' package, a popular JavaScript cryptography library, could be exploited to bypass ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
How-To Geek on MSN
NPM packages are infected with malware, again
Shai Hulud v2 infected 500+ npm packages (700+ versions) and spilled into Java/Maven — yikes. Compromised packages run a ...
A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by ...
A new version of the Shai-Hulud worm has infected hundreds of npm packages and caused disruption to global CI/CD workflows ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback