Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last month.The npm package that embeds the novel Shai Hulud strain is “@vietmoney/react-big-calendar,” which was uploaded to npm back in March 2021 by a user named “hoquocdat.” It was updated for the first time on
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/12/researchers-spot-modified-shai-hulud.html
