A new, more destructive variant of the Shai-Hulud worm has infected over 640 NPM packages, escalating supply chain attacks and data exfiltration efforts. Security researchers warn about its rapid spread and destructive capabilities across development environments and pipelines. #ShaiHulud #NPMpackages
Keypoints
- The Shai-Hulud worm initially infected over 180 packages in September, exposing sensitive credentials.
- The latest version uses preinstall scripts to propagate, increasing its impact on dev environments.
- The malware can wipe data, hijack DNS, and escalate privileges on infected systems.
- Researchers identified over 25,000 malicious repositories and a high volume of new package publications every 30 minutes.
- Organizations are advised to review workflows, rotate secrets, and enforce strict access policies to mitigate the threat.
Read More: https://www.securityweek.com/640-npm-packages-infected-in-new-shai-hulud-supply-chain-attack/