Shai-Hulud Goes Open Source
1mo ago
Source
DatadogShai-Hulud Goes Open Sourcedatadoghq.comA static analysis of the open-sourced Shai-Hulud offensive framework attributed to TeamPCP, covering its credential harvesting, supply chain poisoning, and exfiltration capabilities.
You might also wanna read
Shai-Hulud: Largest npm Supply-Chain Compromise Affecting CrowdStrike and Hundreds of Packages
The Shai-Hulud malware campaign represents the largest and most dangerous npm supply-chain compromise in history, affecting hundreds of pack
Shai Hulud 2.0 Supply-Chain Attack Compromises Zapier, ENS, AsyncAPI, PostHog, and Postman
The article details a new supply-chain attack campaign dubbed 'Shai Hulud 2.0' that has compromised multiple developer tools and platforms i
aikido.dev·7mo ago
Beyond Detection: Building a Resilient Software Supply Chain (Lessons from the Shai-Hulud Post-Mortem)
Snyk·6mo ago
TeamPCP supply chain attack hits TanStack
ThreatLocker·12d ago
Post-Mortem Analysis: How Our Company Was Compromised by the Shai-Hulud 2.0 npm Supply Chain Worm
The article details a company's experience being compromised by the Shai-Hulud 2.0 npm supply chain worm on November 25th, 2025. It describe
trigger.dev·6mo ago
GitLab Identifies Large-Scale npm Supply Chain Attack with Destructive Malware
GitLab's security researchers have uncovered a large-scale supply chain attack in the npm ecosystem involving a destructive malware variant

Comments
Sign in to join the conversation.
No comments yet. Be the first.