WARPTECHNEWS · LAB
HomeAIBusinessTechArchive
WARPTECH LAB NEWS

Warptech Lab News aggrega le notizie più rilevanti da oltre 700 fonti internazionali, con classificazione AI, TL;DR sintetici e timeline cluster su singole storie.

Navigazione

  • Home
  • Archivio
  • Editor's Brief
  • Cerca
  • Il tuo account
  • Newsletter tech/AI

Informazioni legali

  • Privacy Policy
  • Termini di servizio
  • Cookie Policy

© 2026 Sparktech S.R.L. — Tutti i diritti riservati. Sito gestito e manutenuto da Sparktech S.R.L.

Sede legale: Corso Libertà 55, 13100 Vercelli (VC), Italia · P.IVA / C.F. 02835910023 · Contatti: admin@warptechlab.com

Home
Storia in 10 fonti

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.

Raccontata dathehackernews.combleepingcomputer.cominfoworld.comtheregister.comheise.detechcrunch.comnews.bitcoin.comilsoftware.itsecurityweek.comdecrypt.co

Confronto fonti

6 prospettive sulla stessa storia
AI · summaries
bleepingcomputer.comStai leggendo1 mesi fa

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.

originale

Timeline cronologica

  1. lunedì 18 maggio 2026·thehackernews.com

    Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

    4 malicious npm packages with 3,006 downloads spread stealers and Phantom Bot, forcing removals and secret rotation.

  2. lunedì 18 maggio 2026·bleepingcomputer.com

    Leaked Shai-Hulud malware fuels new npm infostealer campaign

    The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend.

securityweek.com
1 mesi fa

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

Leggi questa versione → originale
theregister.com1 mesi fa

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings

Leggi questa versione → originale
decrypt.co1 mesi fa

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines - Decrypt

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.

Leggi questa versione → originale
thehackernews.com1 mesi fa

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.

Leggi questa versione → originale
news.bitcoin.com1 mesi fa

GitHub Worm Hits npm Packages With 16M Downloads

A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react,

Leggi questa versione → originale
  • martedì 19 maggio 2026·infoworld.com

    AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

    The largest incident yet is a warning that developers should urgently check package security, say experts.

  • martedì 19 maggio 2026·theregister.com

    Shai-Hulud copycat worm infects yet another npm package

    Plus three other stealers in three other packages, all from the same scumbag

  • martedì 19 maggio 2026·thehackernews.com

    Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

    Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.

  • martedì 19 maggio 2026·heise.de

    npm-Wurm Shai-Hulud: Angriff der Klone

    Die Malware-Autoren hinter dem npm-Wurm Shai-Hulud haben die Quelltexte veröffentlicht. Nun erscheinen die ersten Klone.

  • martedì 19 maggio 2026·theregister.com

    Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

    Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings

  • martedì 19 maggio 2026·bleepingcomputer.com

    New Shai-Hulud malware wave compromises 600 npm packages

    Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.

  • martedì 19 maggio 2026·techcrunch.com

    Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch

    The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.

  • mercoledì 20 maggio 2026·news.bitcoin.com

    GitHub Worm Hits npm Packages With 16M Downloads

    A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react,

  • mercoledì 20 maggio 2026·ilsoftware.it

    Nuova ondata di attacchi colpisce centinaia di pacchetti npm

    Attacco supply chain su npm: 314 pacchetti compromessi dal malware Mini Shai-Hulud e propagazione tra dipendenze.

  • mercoledì 20 maggio 2026·heise.de

    Hunderte bösartige npm-Pakete im AntV-Ökosystem entdeckt

    Das Datenvisualisierungs-Ökosystem AntV war Ziel einer Mini-Shai-Hulud-Lieferkettenattacke mit Hunderten schädlicher npm-Pakete.

  • mercoledì 20 maggio 2026·securityweek.com

    Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

    A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

  • mercoledì 20 maggio 2026·decrypt.co

    Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines - Decrypt

    The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.