资讯

NewsBytes

Shai-Hulud worm infects 25 npm packages, including CrowdStrike's

CrowdStrike, a cybersecurity company, is grappling with a self-replicating worm named Shai-Hulud that has compromised numerous code packages.
Security Boulevard

Self-Replicating Worm Compromising Hundreds of NPM Packages

Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that ...
The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

The malicious JavaScript code ("bundle.js") injected into each of the trojanized package is designed to download and run ...

Self-propagating worm fuels latest npm supply chain compromise

In a similar style to the Nx attack, the payload then publishes a new repo via the victim's GitHub account, dropping stolen ...