🚨 npm Under Attack Again: Shai-Hulud Returns 🚨

The Shai-Hulud malware campaign is back, targeting npm for the second time.

What's happening:

🔴 Infected packages steal your credentials the moment you install them - including developer tokens, CI/CD secrets, and cloud keys (AWS, GCP, Azure)
🔴 Attackers hide in your GitHub by creating secret "shai-hulud" branches and malicious workflows
🔴 It spreads automatically: when one developer's account is compromised, the malware infects all their other packages too

Check if your packages are on the list. Yonatan Broder gives a full analysis and remediation steps in our latest blog. https://lnkd.in/g5QNtgRR

At least someone has a sense of humour naming the attack after the sandworm on Arrakis!!! 🤣