Home
Storia in 5 fonti
Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.
- ·
thehackernews.com
Developer Workstations Are Now Part of the Software Supply Chain
3 campaigns hit npm, PyPI, and Docker Hub in 48 hours, exposing secrets from developer and CI/CD environments.
- ·
theregister.com
Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings
