Techly NewsGet the app

Get the latest tech news

Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised


A compromised npm maintainer account published 637 malicious versions across 317 packages including size-sensor, echarts-for-react, timeago.js, and hundreds of @antv scoped packages, affecting 15M+ monthly downloads.

None

Get the Android app

Or read this on Hacker News

Read more on:

Photo of npm packages

npm packages

Photo of mini shai-hulud

mini shai-hulud

Photo of hulud strikes

hulud strikes

Related news:

News photo

Trivy Supply Chain Attack Spreads, Triggers Self-Spreading CanisterWorm Across 47 npm Packages

News photo

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

News photo

Shai-Hulud Returns: Over 300 NPM Packages Infected

« Baidu says the quiet part out loud – you can’t build AI infrastructure, so clouds can cash in
Japan’s SoftBank racks up huge profit gains with lift from lucrative AI investments »