On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/11/shai-hulud-2-0-over-14000-secrets-exposed/
