The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...
Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings ...
The Mini Shai-Hulud worm has resurfaced in one of its largest single-registry waves to date, hitting hundreds of npm packages ...
A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a ...
Cryptopolitan on MSN
Mini Shai-Hulud worm hijacks 323 npm packages under 30 minutes through a single stolen account
On May 19, the Mini Shai-Hulud worm compromised one npm maintainer account and pushed 639 malicious versions across 323 ...
Mini Shai-Hulud npm campaign compromises @antv packages, targeting blockchain developers' GitHub tokens, AWS keys, and CI/CD secrets in a coordinated supply chain attack.
The data visualization ecosystem AntV was targeted by a Mini Shai Hulud supply chain attack involving hundreds of malicious npm packages.
What is Mini Shai-Hulud npm supply chain attack, and was Microsoft and Socket hit by malware? A new npm supply chain attack hit hundreds of packages linked to the @antv ecosystem. Attackers used a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results