Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering ...
TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
Claude Code vulnerability allows attackers to intercept OAuth tokens, enabling access to connected SaaS platforms and ...
An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...
A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain ...
Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...
The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Intercom ...
Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...
Cryptopolitan on MSN
Malicious SAP npm packages target crypto wallet data
Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
Over 170 TanStack, Mistral AI, OpenSearch, UiPath, and other packages were affected in a new Mini Shai-Hulud supply chain ...
Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results