Typosquatted npm packages used to steal cloud and CI/CD secrets
Source: Blogs.Microsoft
Published:
<p>The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity.</p>