A new Shai-hulud variant turns trusted npm installs into a stealthy path for cloud-credential theft and supply chain compromise.
First seen on esecurityplanet.com
Jump to article: www.esecurityplanet.com/threats/shai-hulud-2-0-turns-npm-installs-into-a-full-cloud-compromise-path/
