资讯

GovInfoSecurity

Shai Hulud Burrows Into NPM Repository

An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has ...
TestingCatalog

GitHub launches MCP registry to centralize server discovery

What's new? GitHub launched the MCP registry to list MCP servers for Copilot, AI agents and tools; it supports one click ...
NewsBytes

Shai-Hulud worm infects 25 npm packages, including CrowdStrike's

CrowdStrike, a cybersecurity company, is grappling with a self-replicating worm named Shai-Hulud that has compromised numerous code packages.
Infosecurity Magazine

Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Security Boulevard

Self-Replicating Worm Compromising Hundreds of NPM Packages

Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that ...
Futurism on MSN

CrowdStrike Infested With "Self-Replicating Worms"

The vendor was one of a many whose code modules were infected by a never before seen strand of malware known as "Shai-Hulud." ...
Cybernews

Hundreds of NPM packages compromised as ongoing supply chain attack snowballs out of control

Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
Mirage News

FigureYa: Boosting Biomedical Data Insight & Research

With the widespread application of technologies such as high-throughput sequencing, large-scale clinical trials, and complex computational ...
Cyber Daily

Kull wahad! Shai-Hulud worm infects more than a hundred npm code packages

A malware capable of devouring data in “smash-and-grab” style attacks also compromised several CrowdStrike code packages ...