SHA1-Hulud, npm supply chain incident
Source
SnykSHA1-Hulud, npm supply chain incidentsnyk.ioYou might also wanna read
Shai Hulud 2.0 Supply-Chain Attack Compromises Zapier, ENS, AsyncAPI, PostHog, and Postman
The article details a new supply-chain attack campaign dubbed 'Shai Hulud 2.0' that has compromised multiple developer tools and platforms i
aikido.dev·7mo agoShai-Hulud: Largest npm Supply-Chain Compromise Affecting CrowdStrike and Hundreds of Packages
The Shai-Hulud malware campaign represents the largest and most dangerous npm supply-chain compromise in history, affecting hundreds of pack
Post-Mortem Analysis: How Our Company Was Compromised by the Shai-Hulud 2.0 npm Supply Chain Worm
The article details a company's experience being compromised by the Shai-Hulud 2.0 npm supply chain worm on November 25th, 2025. It describe
npm to Implement Staged Publishing as Security Response to Supply Chain Attacks
npm is implementing staged publishing as a security response to supply chain attacks, particularly the Shai-Hulud campaign that exposed vuln
GitLab Identifies Large-Scale npm Supply Chain Attack with Destructive Malware
GitLab's security researchers have uncovered a large-scale supply chain attack in the npm ecosystem involving a destructive malware variant
Supply Chain Attack Wave Targets npm Packages and Go Ecosystem via Mini Shai-Hulud Malware Family
Socket Threat Research is tracking a new supply chain attack wave linked to the Mini Shai-Hulud, Miasma, and Hades malware family. The campa
hendryadrian.com·12d ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.