SafeDep
Coverage of SafeDep in the Nexus archive.
- 144 Mastra npm Packages Compromised via Hijacked Contributor Account
144 npm packages under the Mastra namespace (@mastra/*) were compromised in a supply chain attack named easy-day-js. A single npm account (ehindero) was used to mass-publish malicious packages, according to findings from JFrog, SafeDep, Socket, and StepSecurity.
- Miasma worms its way onto GitHub as attack kit goes open source
The Miasma worm, a supply-chain attack toolkit, was open-sourced on GitHub via compromised developer accounts, enabling attacks on public registries and repositories. SafeDep identified the malicious repositories, which allow credential-based attacks on platforms like PyPI, npm, and GitHub, following a pattern similar to TeamPCP's earlier mini Shai-Hulud worm. The release has raised concerns about supply-chain security, with 473 affected package artifacts tracked by Socket.
- Megalodon chums the waters in 5.5K+ GitHub repo poisonings
A malware campaign called Megalodon poisoned over 5,500 GitHub repositories with CI/CD credential-stealing malware, stealing AWS keys, Google Cloud tokens, and other sensitive credentials. The attack, discovered by SafeDep researchers, was distributed through a compromised Tiledesk package on npm, marking an escalation in supply chain attacks targeting developers.
- Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
An npm account compromise infected 314 npm packages with malware, including popular packages such as size-sensor and echarts-for-react. The compromised account belongs to a developer based in Hangzhou, China, and the malware has been reported on GitHub. Developers who have installed compromised package versions are advised to rotate credentials and check for unauthorized repositories.
- Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised
Mini Shai-Hulud has compromised 314 npm packages, marking a significant security incident in the technology sector. The attack highlights vulnerabilities in the npm ecosystem and potential risks for developers relying on these packages. Further analysis is required to determine the full extent of the compromise.
- SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
Cybersecurity researchers have identified a supply chain attack campaign targeting SAP-related npm packages with the 'Mini Shai-Hulud' credential-stealing malware. Multiple security firms, including Aikido Security, SafeDep, Socket, StepSecurity, and Wiz, reported the compromise affecting SAP's JavaScript and cloud application packages.