Skip to content
The Nexus
SECURITYApr 30 · 23:21 UTCTHE REGISTERJessica Lyons

The never-ending supply chain attacks worm into SAP npm packages, other dev tools

A new wave of supply chain attacks has targeted SAP and Intercom npm packages, as well as the lightning PyPI package, spreading credential-stealing malware named Mini Shai-Hulud. The attacks highlight ongoing vulnerabilities in developer tools and package repositories.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this