WARPTECHNEWS · LAB

Home AI Business Tech Archive

WARPTECH LAB NEWS

Warptech Lab News aggrega le notizie più rilevanti da oltre 700 fonti internazionali, con classificazione AI, TL;DR sintetici e timeline cluster su singole storie.

Navigazione

Home
Archivio
Editor's Brief
Cerca
Il tuo account
Newsletter tech/AI

Informazioni legali

Privacy Policy
Termini di servizio
Cookie Policy

© 2026 Sparktech S.R.L. — Tutti i diritti riservati. Sito gestito e manutenuto da Sparktech S.R.L.

Sede legale: Corso Libertà 55, 13100 Vercelli (VC), Italia · P.IVA / C.F. 02835910023 · Contatti: admin@warptechlab.com

GitHub NPM Supply Chain Attack - Crypto Wallet Targeting

GitHub NPM Supply Chain Attack - Investigation Report Date: May 29, 2026 Case ID:...

venerdì 5 giugno 2026 New tab

710 words~3 min read

GitHub NPM Supply Chain Attack - Investigation Report

Date: May 29, 2026

Case ID: ONCHAIN-2026-0529-002

Threat Names: Megalodon, Mini Shai-Hulud

Status: Active - Ongoing Crisis

Other newsrooms on this story

· 6 sources

Full timeline →

theregister.com·Jun 1, 2026 · 5 g fa
Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
bleepingcomputer.com·Jun 4, 2026 · 2 g fa
New IronWorm malware hits 36 packages in npm supply-chain attack
thehackernews.com·Jun 1, 2026 · 5 g fa
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
securityweek.com·Jun 2, 2026 · 5 g fa
Supply Chain Attack Hits 32 Red Hat NPM Packages
thehackernews.com·Jun 5, 2026 · 1 g fa
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
darkreading.com·Jun 5, 2026 · 2 g fa
Rust-Written IronWorm Hits NPM Supply Chain

Related reading

securityweek.com

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

securityweek.com·18 g fa

securityweek.com

Over 5,500 GitHub Repositories Infected in 'Megalodon' Supply Chain Attack

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions…

securityweek.com·13 g fa

Megalodon cyberattack infects 5,500 GitHub repositories, report says

Security researchers say 5,500 GitHub repositories have been affected by the attack.

mashable.com·12 g fa

How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack

A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions.…

dev.to·14 g fa

thehackernews.com

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More…

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm…

thehackernews.com·25 g fa

bleepingcomputer.com

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new…

bleepingcomputer.com·18 g fa