Sign In
to Vote &
Create Storyboards.
 
Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the "setup_bun.js" loader and the main payload "bun_environment.js." "
0
0
0


Storyboard
Print
Share this Article

Recommended

  • {TITLE}
    {PUBLISHER} - {PUBLISHED_DATE}
    {VIEWS}
  • Create Storyboard