Shai-Hulud
Threat Actors Abuse ChatGPT Chats to Host Fake Outage Page, Deliver Malware
Threat actors are using legitimate-looking ChatGPT service outage notices planted in the chatbot's content-sharing feature to convince users to click on a button to download the ChatGPT desktop app. Hitting the button ...
TeamPCP Takes Cover by Releasing Source Code on GitHub, Spurs CopycatsÂ
Just a brief exposure of source code on GitHub by Shai-Hulud is enough to give TeamPCP plausible deniability and spark copycat campaigns ...
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
What happened TeamPCP’s Mini Shai-Hulud supply chain campaign has expanded again, with over 320 npm packages compromised through a hijacked maintainer account in the @antv namespace. The compromised account, atoll, also publishes ...
1,800 Developers Hit in Mini Shai-Hulud Supply Chain Attack Across PyPI, NPM, and PHP
What happened A supply chain attack campaign attributed to TeamPCP, dubbed Mini Shai-Hulud, has compromised packages across the PyPI, NPM, and PHP ecosystems over a two-day period, affecting over 1,800 developer repositories ...
Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign
A compromise of the popular Bitwarden password manager is linked to the ongoing Checkmarx supply chain campaign, with bad actor injecting malicious code in a version of its CLI. However, while there ...
The Latest Shai-Hulud Malware is Faster and More Dangerous
A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised scripts, and GitHub users ...
Self-Replicating Worm Compromising Hundreds of NPM Packages
An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends ...
