Search

Showing top 55 results for "Shai-Hulud"

Shai-Hulud

38 articles indexed Last updated 1d ago See topic hub

Videos

GitHub announces npm security changes to tackle supply-chain attacks

…GitHub disables Microsoft repos pushing password-stealing malware New IronWorm malware hits 36 packages in npm supply-chain attack New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud attack ships…

Jun 10, 2026 · Bill Toulas

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages By Bill Toulas May 12, 2026 07:29 AM Hundreds of packages across npm and PyPI have been compromised in a new…

May 12, 2026 · Bill Toulas

New TCLBanker malware self-spreads over WhatsApp and Outlook

…New GoGra malware for Linux uses Microsoft Graph API for comms Cybercrime service disrupted for abusing Microsoft platform to sign malware New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud…

May 7, 2026 · Bill Toulas

Grafana breach caused by missed token rotation after TanStack attack

…In the ongoing Shai-Hulud malware campaign attributed to TeamPCP hackers, dozens of TanStack packages infected with credential-stealing code were published on the npm index, compromising developer environments, including Grafana's…

May 20, 2026 · Bill Toulas

Discussions and forums

r/netsec · u/Upstairs_Safe2922 · May 21, 2026

durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP | same Mini Shai-Hulud payload as last week's TanStack wave

We've been tracking TeamPCP since March. This is the fifth major package in the same campaign. Full chronology: Mar 19 — Trivy compromised. CI/CD secrets harvested downstream. Mar 24 — LiteLLM 1.82.7/1.82.8 to PyPI via c…

Hacker News · u/radku · 1w ago

Show HN: AVP – an agent can't leak a secret it never had

A process can't leak a secret it never had.Shai-hulud, prompt-injection - you name it. They cannot steal what your agent (or an process) don't have.I run coding agents (Claude Code, Codex) on my own machines most of the …

Ukraine identifies infostealer operator tied to 28,000 stolen accounts

…Australia warns of ClickFix attacks pushing Vidar Stealer malware New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud attack ships signed malicious TanStack, Mistral npm packages INTERPOL ‘Operation Ramz’ seizes…

May 20, 2026 · Bill Toulas

Hola Browser for Windows compromised to deliver cryptominer

…DAEMON Tools trojanized in supply-chain attack to deploy backdoor New IronWorm malware hits 36 packages in npm supply-chain attack New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud…

Jun 4, 2026 · Bill Toulas

Suspicious Polyfill login prompts pop up on Toshiba, Muji websites

…New IronWorm malware hits 36 packages in npm supply-chain attack Chinese hackers use new Atlas RAT malware in European cyberattacks New Shai-Hulud malware wave compromises 600 npm packages Shai Hulud…

Jun 5, 2026 · Bill Toulas

Popular node-ipc npm package compromised to steal credentials

…Shai Hulud attack ships signed malicious TanStack, Mistral npm packages New npm supply-chain attack self-spreads to steal auth tokens PyPI package with 1.1M monthly downloads hacked to push infostealer…

May 15, 2026 · Bill Toulas

TeamPCP Is Ruining Open Source Code At An Alarming Rate - PC Perspective

…distinct pieces of software . They’ve even automated their attacks using a tool dubbed Mini Shai-Hulud which is a really nasty self-spreading worm. Once it steals a single set of…

May 22, 2026 · Jeremy Hellstrom

Microsoft had to shut down 70+ GitHub repos after getting hacked, brings back some

…For background, Miasma is a variant of the Mini Shai-Hulud worm, open-sourced by the threat group TeamPCP. It started its journey by compromising a Red Hat employee's GitHub account…

Jun 10, 2026 · Aditya Tiwari

Followed topics