All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

SHA1-Hulud, npm supply chain incident

7mo agoen

Source

SnykSHA1-Hulud, npm supply chain incidentsnyk.io
Snippet from the RSS feed
Snyk identified a new supply chain attack in the npm ecosystem, referred to as SHA1-Hulud. We believe this is a second wave of the Shai-Hulud attack. Learn what this attack is and how Snyk is responding.

You might also wanna read

Shai Hulud 2.0 Supply-Chain Attack Compromises Zapier, ENS, AsyncAPI, PostHog, and Postman

The article details a new supply-chain attack campaign dubbed 'Shai Hulud 2.0' that has compromised multiple developer tools and platforms i

aikido.dev·7mo ago

Shai-Hulud: Largest npm Supply-Chain Compromise Affecting CrowdStrike and Hundreds of Packages

The Shai-Hulud malware campaign represents the largest and most dangerous npm supply-chain compromise in history, affecting hundreds of pack

koi.security·9mo ago

Post-Mortem Analysis: How Our Company Was Compromised by the Shai-Hulud 2.0 npm Supply Chain Worm

The article details a company's experience being compromised by the Shai-Hulud 2.0 npm supply chain worm on November 25th, 2025. It describe

trigger.dev·6mo ago

npm to Implement Staged Publishing as Security Response to Supply Chain Attacks

npm is implementing staged publishing as a security response to supply chain attacks, particularly the Shai-Hulud campaign that exposed vuln

socket.dev·6mo ago

GitLab Identifies Large-Scale npm Supply Chain Attack with Destructive Malware

GitLab's security researchers have uncovered a large-scale supply chain attack in the npm ecosystem involving a destructive malware variant

about.gitlab.com·7mo ago

Supply Chain Attack Wave Targets npm Packages and Go Ecosystem via Mini Shai-Hulud Malware Family

Socket Threat Research is tracking a new supply chain attack wave linked to the Mini Shai-Hulud, Miasma, and Hades malware family. The campa

hendryadrian.com·12d ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.