Skip to content
The Nexus
SECURITYMay 12 · 21:38 UTCCYBERSCOOPGreg Otto

‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack

A malware campaign known as 'mini Shai-Hulud' has compromised hundreds of open-source packages, embedding credential-stealing code into development tools downloaded millions of times a week. The attack targeted prominent software libraries and infected thousands of companies at once. Security researchers attribute the campaign to TeamPCP, a cloud-focused cybercriminal group.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this