URL has been copied successfully!
Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets


Tags: , , , , ,

A fresh supply-chain wave tied to the Mini Shai-Hulud, Miasma, and Hades malware families is actively poisoning npm packages in the LeoPlatform and RStreams ecosystems and expanding into source-repository compromises. The intrusion blends registry poisoning, install-time execution via binding.gyp, Bun-staged JavaScript loaders, GitHub Actions abuse, and persistence hooks for IDEs and AI coding assistants an […] The post Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/shai-hulud-worm-poisons-leoplatform/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
  2. The 2024 cyberwar playbook: Tricks used by nation-state actors
  3. Modern supply-chain attacks and their real-world impact
  4. Shai-Hulud & Co.: The software supply chain as Achilles’ heel