Mini Shai-Hulud Attack Hits npm Ecosystem, Compromising Over 600 Packages
Source: Gbhackers
Published:
<p>A large-scale supply chain attack targeting the npm ecosystem has resurfaced with a new variant of the Mini Shai-Hulud malware, compromising more than 600 packages and introducing advanced evasion techniques, including forged Sigstore provenance. The attack primarily targeted the widely used @ant