Shai-Hulud was first observed in September and specifically targets the JavaScript ecosystem. Rather than attacking end users, the malware goes after developers by hiding malicious code in npm packages. Once such a package is installed, the malware attempts to collect sensitive information, including environment variables, API keys, and secrets from cloud and CI/CD environments. The stolen data is then automatically exfiltrated to GitHub repositories created by the attacker.
The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package, org.mvnpm:posthog-node:4.18.1, that embeds the same two components associated with Sha1-Hulud: the "setup_bun.js" loader and the main payload "bun_environment.js." "This means the PostHog project has compromised releases in both the JavaScript/npm and Java/Maven ecosystems, driven by the same Shai Hulud v2 payload,"