SECURITYTHE REGISTER
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
The malware crew TeamPCP has open-sourced its Shai-Hulud worm on GitHub, allowing any actor to modify and expand its reach. The worm attacks npm packages and looks for credentials for users of cloud services. Security outfit Ox has spotted the repos and believes that independent threat actors have already begun modifying it.