A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. “This is effectively a Mini Shai-Hulud campaign: it uses the same core tactics of install-time execution, credential harvesting, CI/CD targeting, encrypted exfiltration, and potential
Tag: ShaiHulud
AI, Global Security News
The Hackers Behind Shai-Hulud: Lucky or Skilled?
TeamPCP, the hackers behind the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it’s not necessarily due to skill alone.
AI, Global Security News
Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem
Mini Shai-Hulud worm hits Alibaba AntV ecosystem in largest npm supply chain wave to date
AI, Apps, Global Security News, malware
Mini Shai-Hulud returns, compromising hundreds of npm packages
A self-replicating malware campaign known as Mini Shai-Hulud has resurfaced, this time embedding itself across hundreds of npm packages. The threat actor behind it, identified as TeamPCP, has been linked to earlier waves of the same campaign, with this latest variant more capable than previous waves. Researchers analyzing the payload found a worm that spreads…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
Shai-Hulud worm copycats emerge after source code leak
Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of the Shai-Hulud worm have already started showing up online, only a few days after the malware’s source code was dumped on GitHub. Researchers had warned this would happen almost immediately, and they were…
AI, Global Security News
Shai-Hulud Worm Clones Spread After Code Release
The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale.
AI, Global Security News, malware
Leaked Shai-Hulud malware fuels new npm infostealer campaign
The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend. […]
AI, Global Security News
Mini Shai-Hulud Hits TanStack npm Packages
Mini Shai-Hulud compromises TanStack npm packages and spreads across PyPI
AI, Global Security News, malware
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
A large-scale software supply-chain attack involving the “Shai-Hulud” malware has compromised hundreds of packages across open-source software ecosystems. […]
AI, Apps, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
Summary The most significant development of the week was the April 29 to 30 Mini Shai-Hulud worm, a self-propagating supply chain campaign that compromised four official SAP npm packages, two PyTorch Lightning PyPI versions, two intercom-client npm versions, and the intercom-php Packagist package across three package ecosystems. OX Security tracked roughly 1,800 GitHub repositories created…
AI, Global Security News
TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware
GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.
AI, Global Security News, malware
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools
Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers