WARPTECHNEWS · LAB
HomeAIBusinessTechArchive
WARPTECH LAB NEWS

Warptech Lab News aggrega le notizie più rilevanti da oltre 700 fonti internazionali, con classificazione AI, TL;DR sintetici e timeline cluster su singole storie.

Navigazione

  • Home
  • Archivio
  • Editor's Brief
  • Cerca
  • Il tuo account
  • Newsletter tech/AI

Informazioni legali

  • Privacy Policy
  • Termini di servizio
  • Cookie Policy

© 2026 Sparktech S.R.L. — Tutti i diritti riservati. Sito gestito e manutenuto da Sparktech S.R.L.

Sede legale: Corso Libertà 55, 13100 Vercelli (VC), Italia · P.IVA / C.F. 02835910023 · Contatti: admin@warptechlab.com

Home
Storia in 7 fonti

GitHub Worm Hits npm Packages With 16M Downloads

A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react,

Raccontata dathehackernews.combleepingcomputer.cominfoworld.comtheregister.comheise.denews.bitcoin.comsecurityweek.com

Confronto fonti

6 prospettive sulla stessa storia
AI · summaries
news.bitcoin.comStai leggendo1 mesi fa

GitHub Worm Hits npm Packages With 16M Downloads

A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react,

originale

Timeline cronologica

  1. lunedì 18 maggio 2026·thehackernews.com

    Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

    4 malicious npm packages with 3,006 downloads spread stealers and Phantom Bot, forcing removals and secret rotation.

  2. lunedì 18 maggio 2026·bleepingcomputer.com

    Leaked Shai-Hulud malware fuels new npm infostealer campaign

    The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected packages emerged over the weekend.

theregister.com
1 mesi fa

Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings

Leggi questa versione → originale
securityweek.com1 mesi fa

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.

Leggi questa versione → originale
bleepingcomputer.com1 mesi fa

New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.

Leggi questa versione → originale
thehackernews.com1 mesi fa

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.

Leggi questa versione → originale
infoworld.com1 mesi fa

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The largest incident yet is a warning that developers should urgently check package security, say experts.

Leggi questa versione → originale
  • martedì 19 maggio 2026·infoworld.com

    AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

    The largest incident yet is a warning that developers should urgently check package security, say experts.

  • martedì 19 maggio 2026·theregister.com

    Shai-Hulud copycat worm infects yet another npm package

    Plus three other stealers in three other packages, all from the same scumbag

  • martedì 19 maggio 2026·thehackernews.com

    Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

    Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.

  • martedì 19 maggio 2026·heise.de

    npm-Wurm Shai-Hulud: Angriff der Klone

    Die Malware-Autoren hinter dem npm-Wurm Shai-Hulud haben die Quelltexte veröffentlicht. Nun erscheinen die ersten Klone.

  • martedì 19 maggio 2026·theregister.com

    Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise

    Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings

  • martedì 19 maggio 2026·bleepingcomputer.com

    New Shai-Hulud malware wave compromises 600 npm packages

    Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.

  • mercoledì 20 maggio 2026·news.bitcoin.com

    GitHub Worm Hits npm Packages With 16M Downloads

    A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react,

  • mercoledì 20 maggio 2026·securityweek.com

    Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

    A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.