Skip to content
The Nexus
DossierENTITY

Shai-Hulud

Coverage of Shai-Hulud in the Nexus archive.

Earliest in view: May 12 · 11:29 UTCMost recent: Jun 23 · 00:17 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 23 · 00:17 UTCTHE REGISTER
    Sniff out stale AI override advice with this open source CLI

    The CVE Lite CLI, an open-source tool endorsed by OWASP, helps developers scan dependencies to mitigate software supply chain attacks. Its recent update includes override auditing to address transitive dependency vulnerabilities, such as those seen in the node-ipc package incident and Shai-hulud attacks. The tool identifies broken overrides in projects like Cal.com, which had 11 ineffective override entries.

  • SECURITYJun 1 · 21:38 UTCBLEEPING COMPUTER
    Red Hat npm packages compromised to steal developer credentials

    More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed 'Miasma'.

  • SECURITYMay 20 · 23:00 UTCDECRYPT
    Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

    The Shai-Hulud malware campaign is spreading through software pipelines by exploiting automated systems. This campaign targets developers who trust these systems to publish software safely. The malware is a supply-chain threat.

  • SECURITYMay 20 · 10:27 UTCTHE REGISTER
    GitHub says internal repos exfiltrated after poisoned VS Code extension attack

    GitHub was compromised due to a malicious Visual Studio Code extension, resulting in the exfiltration of internal repositories. The company is analyzing logs and monitoring for further activity. The incident has raised concerns about the security of private repositories and credentials.

  • SECURITYMay 19 · 14:30 UTCBLEEPING COMPUTER
    New Shai-Hulud malware wave compromises 600 npm packages

    Threat actors published over 600 malicious packages to the Node Package Manager index as part of a new Shai-Hulud supply-chain campaign, compromising 600 npm packages. This campaign is a significant attack on the software supply chain. The attack was carried out earlier today.

  • SECURITYMay 19 · 12:58 UTCTHE REGISTER
    Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

    An npm account compromise infected 314 npm packages with malware, including popular packages such as size-sensor and echarts-for-react. The compromised account belongs to a developer based in Hangzhou, China, and the malware has been reported on GitHub. Developers who have installed compromised package versions are advised to rotate credentials and check for unauthorized repositories.

  • SECURITYMay 18 · 22:07 UTCTHE REGISTER
    Shai-Hulud copycat worm infects yet another npm package

    A Shai-Hulud copycat worm has been found in another npm package, chalk-tempalte, which is a malicious extension of the popular JavaScript library Chalk. The poisoned package contains a clone of Shai-Hulud, which steals secrets and sends them to a remote server. Four malicious packages have been detected, with a total of 2,678 weekly downloads.

  • SECURITYMay 18 · 19:53 UTCDARK READING
    Shai-Hulud Worm Clones Spread After Code Release

    The release of Shai-Hulud source code poses a threat to software developers due to its self-replicating nature. Researchers are concerned that the worm could spread rapidly. This raises concerns about the potential impact on the software development community.

  • SECURITYMay 18 · 17:28 UTCBLEEPING COMPUTER
    Leaked Shai-Hulud malware fuels new npm infostealer campaign

    The Shai-Hulud malware has been leaked and is being used in new attacks on the Node Package Manager index, with infected packages emerging over the weekend. This malware is fueling a new npm infostealer campaign. The attacks are targeting the npm index.

  • SECURITYMay 18 · 08:57 UTCTHE HACKER NEWS
    Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

    Cybersecurity researchers discovered four malicious npm packages containing information-stealing malware and DDoS malware. The packages have a total of 3006 downloads. One of the packages is a clone of the Shai-Hulud worm.

  • SECURITYMay 14 · 18:30 UTCDECRYPT
    OpenAI Confirms Security Breach Linked to AI Malware Campaign

    OpenAI confirmed a security breach linked to an AI malware campaign, where malware accessed internal repositories after infecting two employee devices. The breach is tied to the Shai-Hulud supply chain attack. OpenAI's internal systems were compromised as a result.

  • SECURITYMay 13 · 06:23 UTCTHE REGISTER
    Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub

    The malware crew TeamPCP has open-sourced its Shai-Hulud worm on GitHub, allowing any actor to modify and expand its reach. The worm attacks npm packages and looks for credentials for users of cloud services. Security outfit Ox has spotted the repos and believes that independent threat actors have already begun modifying it.

  • SECURITYMay 12 · 11:29 UTCBLEEPING COMPUTER
    Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

    A new Shai-Hulud supply-chain campaign has compromised hundreds of packages on npm and PyPI, delivering credential-stealing malware targeting developers. The malicious packages include TanStack and Mistral. This campaign affects developers using these packages.