SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

Hackers have compromised dozens of popular open source packages in an ongoing supply-chain attack

Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.