Advertisement
Red Hat npm Supply Chain Compromise: Miasma Steals Dev Credentials
Over 30 Red Hat npm packages under @redhat-cloud-services were compromised in a supply chain attack distributing Miasma malware to steal developer credentials.
Shai-Hulud Campaign: TeamPCP Targets Open-Source Supply Chain
Analysis of the Shai-Hulud campaign by TeamPCP, detailing their open-source supply chain attacks, TTPs, and critical mitigation strategies.
Shai-Hulud Worm Code Leak: How Clones Threaten Developer Environments
The release of Shai-Hulud worm source code triggers a surge in self-replicating clones, targeting software developers and automated CI/CD pipelines.
Shai-Hulud Supply Chain Attack: Malicious npm and Mistral Packages
The Shai-Hulud campaign targets developers with over 300 signed npm and PyPI packages impersonating TanStack and Mistral to steal sensitive credentials.
Bitwarden NPM Supply Chain Attack: Analyzing the TeamPCP Campaign
A malicious npm package impersonating Bitwarden was discovered exfiltrating sensitive data via the Shai-Hulud worm in a recent supply chain attack.