TT-CSIRT – 453.24.09.25 – Shai-Hulud Self-Replicating Worm Supply Chain Compromise
Please be advised that CISA has issued a critical alert regarding a widespread supply chain attack involving npmjs.com, the largest JavaScript package registry. A self-replicating worm named “Shai-Hulud” has compromised over 500 npm packages. After initial access, the attacker deployed malware that scans for sensitive credentials such as GitHub Personal Access Tokens (PATs) and cloud service API […]