A new Shai-Hulud supply chain attack has compromised nearly 500 npm packages, affecting millions of downloads and exposing sensitive data. This sophisticated malware campaign targets major ecosystems and exploits trusted packages to steal secrets and spread further. #ShaiHulud #npmattack
Keypoints
- The Shai-Hulud attack infected approximately 500 npm packages used in JavaScript environments.
- The malware creates over 25,000 repositories labeled βSha1-Hulud: The Second Comingβ containing sensitive credentials.
- The malware disguises itself as a helpful installer, employing obfuscation and delayed execution techniques.
- It searches for secrets like API keys and tokens, exfiltrates data, and pushes malicious copies to npm for propagation.
- The attack impacts major providers including Zapier, AsyncAPI, Postman, and cloud platforms like AWS, Azure, and GCP.
Read More: https://thecyberexpress.com/new-shai-hulud-attack-hits-500-npm-packages/