Advertisement
SU
HIGH
Supply Chain
Shai-Hulud Infostealer Surfaces in Malicious npm Package Campaign
Leaked Shai-Hulud malware is targeting Node.js developers via malicious npm packages, exfiltrating sensitive data and credentials to Telegram-based C2.
Runtime Rebel Intel
4 min read·May 18, 2026
HIGH
Supply Chain
RubyGems Signups Suspended Amid Massive Malicious Package Attack
RubyGems halts new registrations after hundreds of malicious packages flood the registry, signaling a major supply chain security threat for Ruby developers.
Runtime Rebel Intel
4 min read·May 12, 2026
SU
HIGH
Supply Chain
Official SAP npm Packages Compromised in TeamPCP Supply Chain Attack
Attackers compromised official SAP npm packages to exfiltrate developer credentials and tokens. Learn how to detect and remediate this supply chain threat.
Runtime Rebel Intel
3 min read·Apr 30, 2026