Cybernews

Shai-Hulud supply chain attacks back with a vengeance, impacting 28k GitHub repositories

The Shai-Hulud supply chain attack campaign, responsible for compromising hundreds of CrowdStrike’s NPM packages in September ...

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
SecurityWeek

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
Business Wire

Postman Galaxy 2020 Announced as 3-Day Virtual Global API Conference

SAN FRANCISCO--(BUSINESS WIRE)--Postman, the leading platform for API development, today announced details and registration for Postman Galaxy 2020, the company’s virtual global user conference. The ...
The Register on MSN

Shai-Hulud worm returns, belches secrets to 25K GitHub repos

Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days A self-propagating malware targeting node package managers (npm) is back for a second round ...

Shai-Hulud 2.0 Credential Leak Hits Zapier, PostHog and Postman — User Data At Risk

The digital landscape is once again shaking as a new iteration of a major credential leak—dubbed 'Shai-Hulud 2.0'—has ...