Mini-Shai-Hulud: Erneut millionenfach genutzte NPM-Pakete kompromittiert - Golem.de
… Diese enthalten jeweils die Zeichenkette "niagA oG eW ereH :duluH-iahS" , was invertiert für "Shai-Hulud: Here We Go Again" steht. …
Search
Related topics:
Shai-Hulud
All sources
bleepingcomputer.com
13
tomshardware.com
6
pcgamer.com
3
theregister.com
2
golem.de
1
techcrunch.com
1
github.blog
1
appleinsider.com
1
Tracked topic
Shai-Hulud
Videos
More videosTop stories
Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire
… Microsoft has not publicly attributed the PyPI compromise to Mini Shai-Hulud. …
Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack | TechCrunch
… Researchers have dubbed the hacks “Mini Shai-Hulud,” after the attack followed a previous, more expansive hacking campaign. …
OpenAI confirms security breach in TanStack supply chain attack
… Download Now Related Articles: TeamPCP hackers advertise Mistral AI code repos for sale Official SAP npm packages compromised to steal credentials Shai Hulud attack ships signed malicious TanStack, Mistral npm packages Bitwarden CLI npm package compromised to steal developer credentials Trivy vulne… …
New TCLBanker malware self-spreads over WhatsApp and Outlook
… Download Now Related Articles: New GoGra malware for Linux uses Microsoft Graph API for comms Cybercrime service disrupted for abusing Microsoft platform to sign malware New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud attack ships signed malicious TanStack, Mistral npm packages … …
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages By Bill Toulas May 12, 2026 07:29 AM Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. …
Popular node-ipc npm package compromised to steal credentials
… Download Now Related Articles: Shai Hulud attack ships signed malicious TanStack, Mistral npm packages New npm supply-chain attack self-spreads to steal auth tokens PyPI package with 1.1M monthly downloads hacked to push infostealer Hackers compromise Axios npm package to drop cross-platform malwar… …
Australia warns of ClickFix attacks pushing Vidar Stealer malware
… Download Now Related Articles: New macOS stealer campaign uses Script Editor in ClickFix attack New Infinity Stealer malware grabs macOS data via ClickFix lures Popular node-ipc npm package compromised to steal credentials Shai Hulud attack ships signed malicious TanStack, Mistral npm packages Fake… …
GitHub confirms breach of 3,800 repos via malicious VSCode extension
… Send your offers to the communications below, we are not interested in under 50k, the best offer will get it." TeamPCP was previously linked to massive supply chain attacks targeting developer code platforms, including GitHub , PyPI , NPM , and Docker , and, more recently, to the "Mini Shai-Hulud"… …
DAEMON Tools devs confirm breach, release malware-free version
… Download Now Related Articles: DAEMON Tools trojanized in supply-chain attack to deploy backdoor Popular node-ipc npm package compromised to steal credentials Shai Hulud attack ships signed malicious TanStack, Mistral npm packages TeamPCP hackers advertise Mistral AI code repos for sale OpenAI conf… …