Tag: Shai-Hulud worm
IronWorm Malware Shares Shai-Hulud Traits, Takes Threat to ‘Next Level’
Jeff Burt | | ebpf, IronWorm, jfrog, malware, Miasma, OX Security, Rust programming language, Shai-Hulud worm, software developers, software supply chain attacks, TeamPCPOpen source software developers continue to come under attack, with the latest threat being a custom malware that shares many of the attributes of the notorious Shai-Hulud self-propagating worm but comes with ...
Shai-Hulud Clone ‘Miasma’ Compromises 32 Red Hat npm Packages
Jeff Burt | | Aikido Security, CI/CD (Continuous Integration/Continuous Deployment), Cloud Security, credential security, GitHub Actions, leaked secrets, npm malware, Orca Security, Shai-Hulud worm, TeamPCP, WizThe threat group behind the notorious Mini Shai-Hulud worm last month put the complete source code for the malware into a GitHub repository, essentially open sourcing the threat so that other bad ...
Widespread Mini Shai-Hulud Campaign Is a Matter of Trust
Jeff Burt | | 360 Privacy, AI supply chain attacks, Aikido Security, CI/CD security, credentials, Endor Labs, npm malware, Pathlock, Sectigo, Shai-Hulud worm, TeamPCP, trust in technologyThe latest series of attacks using the notorious Shai-Hulud worm puts into sharp focus the threats facing software developers and their CI/CD pipelines, an issue that has been raised in recent months ...
‘PackageGate’ Vulnerabilities Can Let Attackers Bypass Shai-Hulud Defenses
Jeff Burt | | Aikido Security, Bun, Git dependency, github, Koi Security, microsoft, npm registry, PhantomRaven, PNPM, remote code execution, Shai-Hulud worm, supply chain attack, VLTIn the wake of the massive Shai-Hulud supply chain attack that ripped through npm late last year and compromised more than 700 packages and exposed 25,000 repositories, developers in the JavaScript world ...
Attackers Testing New Strain of Shai-Hulud on npm: Aikido
Jeff Burt | | Aikido Security, GitHub repositories, information stealing, JavaScript, leaked secrets, npm registry, Shai-Hulud wormThreat actors behind the virulent Shai-Hulud worm that wreaked havoc in open npm repositories toward the end of 2025 apparently are trying out a new strain that comes with slight modifications. Security ...
Worms in the Supply Chain: Shai-Hulud and the Next DevOps Reckoning
Jenn Yarnold | | artifact provenance, CI/CD security, continuous verification, credential theft, devops security, devsecops, GitHub tokens, npm malware, OIDC, pipeline security, SBoM, Secure software delivery, Shai-Hulud worm, short-lived tokens, Software Supply Chain, supply chain attackDevOps was supposed to make software delivery faster, safer and more reliable. For the most part, it has. But every so often, something nasty crawls out of the shadows and reminds us ...
How GitHub Plans to Secure npm After Recent Supply Chain Attacks
Tom Smith | | API token deprecation, CI/CD authentication, crates.io security, npm 2FA, npm registry attack, npm token theft, open source security, package registry malware, PyPI trusted publishing, Shai-Hulud worm, Software Supply Chain Security, trusted publishingGitHub strengthens npm security after Shai-Hulud worm attack with mandatory 2FA, granular tokens, and trusted publishing to protect the open source supply chain ...
