Skip to content
The Nexus
SECURITYMay 19 · 14:30 UTCBLEEPING COMPUTERBill Toulas

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors published over 600 malicious packages to the Node Package Manager index as part of a new Shai-Hulud supply-chain campaign, compromising 600 npm packages. This campaign is a significant attack on the software supply chain. The attack was carried out earlier today.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this