Hulud 2.0,' has created a severe supply chain crisis, compromising key platforms like Zapier, PostHog, and Postman.
The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a development and delivery pipeline to drop malware.
The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a ...
"As a new and significantly more aggressive wave of npm supply chain malware, Shai-Hulud 2 combines stealthy execution, ...
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to ...
Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...
The attackers have learned from their mistakes and have now developed a more aggressive version of the worm. It has already ...
Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...
Tsundere botnet spreads via MSI and PowerShell installers, using Ethereum-based C2 rotation and game-themed lures to target ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback