The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input.
First seen on darkreading.com
Jump to article: www.darkreading.com/application-security/self-replicating-shai-hulud-worm-npm-packages
