Dossier
Hangzhou, China
Coverage of Hangzhou, China in the Nexus archive.
- Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
An npm account compromise infected 314 npm packages with malware, including popular packages such as size-sensor and echarts-for-react. The compromised account belongs to a developer based in Hangzhou, China, and the malware has been reported on GitHub. Developers who have installed compromised package versions are advised to rotate credentials and check for unauthorized repositories.