SECURITYBLEEPING COMPUTER
New Shai-Hulud malware wave compromises 600 npm packages
Threat actors published over 600 malicious packages to the Node Package Manager index as part of a new Shai-Hulud supply-chain campaign, compromising 600 npm packages. This campaign is a significant attack on the software supply chain. The attack was carried out earlier today.