Tag: mini shai hulud
4 articles

Mini Shai-Hulud Worm Targets AntV Ecosystem with Coordinated npm Package Attack
In a shocking one-hour surge, 639 malicious versions were pushed across 323 unique npm packages, crippling the AntV ecosystem with a massive coordinated attack linked to the Mini Shai-Hulud worm. This brazen move was designed not only to spread chaos but also to slow down analysis and detection efforts.

Malware Campaign Compromises Hundreds of npm Packages
A new, highly aggressive malware campaign, linked to the notorious TeamPCP group, has infected hundreds of npm packages, putting countless environments at risk of exposure. If you're concerned about potential damage, take immediate action to rotate secrets, remove persistence artifacts, and review recent publish activity.

Malware Worm Targets npm, PyPi in Mass Supply-Chain Attack
A self-spreading worm, dubbed Mini Shai-Hulud, has infected over 170 packages with nearly 180 million weekly downloads, posing a massive threat to the software supply chain. This highly contagious malware has been open-sourced, making it easier for others to exploit and escalate the attack.

Malware Infects Hundreds of Open-Source Packages in Supply-Chain Attack
A massive supply-chain attack, dubbed "mini Shai-Hulud," has infected hundreds of open-source packages with credential-stealing malware, putting millions of developers and users at risk. The malicious code has been embedded in widely-used libraries and projects, including TanStack's React Router, which alone has over 12 million weekly downloads.