Tag: Shai-Hulud
Cyber Threats to DevOps Platforms Rising Fast, GitProtect Report Finds
Jeff Burt | | Azure DevOps, CI/CD, code repositories, Cybersecurity, DevOps platform downtime, devops security, extortion, GitHub security, GitProtect.io DevOps Threats report, GPUGate, JIRA, Kaspersky Lab, NPM security, Ransomware, Shai-HuludThe number of incidents targeting DevOps platforms grew 21% in 2025, but the amount of downtime jumped almost 95%, the security firm said ...
Bad Actor Drops 36 Malicious Packages in npm, Targets Guardarian Users
Jeff Burt | | credentials, cryptocurrency, docker containers, Guardarian, kubernetes, Lazarus Group, npm malware, Python, Redis, SafeDep, Secrets, Shai-Hulud, software supply chain attacks, sonatype, StrapiThe npm code repository is again being used by a bad actor to launch a supply chain attack that includes three dozen malicious packages that appear as Strapi CMS plugins but deliver ...
Second Coming of Shai-Hulud Cyberattack Ravages JavaScript Repositories
A major expansion of the self-propagating Shai-Hulud cyberattack aimed at popular node package managers (npms) used by JavaScript application developers is creating a major headache for DevSecOps teams around the globe. Based ...
Chainguard Adds Curated Repository to Secure JavaScript Libraries
Mike Vizard | | curated JavaScript libraries, DevSecOps practices, JavaScript dependency security, malware in open source, NPM security, open source software security, secure artifact management, secure software supply chain, Shai-Hulud, SLSA frameworkChainguard launched curated JavaScript libra ries built on the SLSA framework to secure software supply chains and protect against NPM malware risks ...
Shai-Hulud Attacks Shake Software Supply Chain Security Confidence
Being the Dune groupie that I am, I couldn't pass up the chance to comment on the "Shai-Hulud" NPM attacks. What a clever name for a worm attack. But as the saying ...
