#preinstall-malware
#preinstall-malware

[ follow ]

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

A renewed Sha1-Hulud supply-chain campaign compromises hundreds of npm packages, executes malicious preinstall scripts, registers self-hosted runners, and exfiltrates secrets.

[ Load more ]

#preinstall-malware#preinstall-malware

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

#preinstall-malware
#preinstall-malware