Information security
fromTheregister
5 hours agoPostHog admits Shai-Hulud 2.0 was its biggest security scare
A malicious worm was inserted into popular PostHog JavaScript SDKs, stole developer and cloud credentials, and propagated by using exfiltrated tokens to publish further compromised packages.