SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

2 days ago [email protected] (The Hacker News)
SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware


Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware.
According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling itself the mini Shai-Hulud – has affected the following packages associated with SAP’s JavaScript and cloud application

The post “SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

15 hours ago [email protected] (The Hacker News)

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

18 hours ago [email protected] (The Hacker News)

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

19 hours ago [email protected] (The Hacker News)

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

20 hours ago [email protected] (The Hacker News)

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

2 days ago [email protected] (The Hacker News)

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

2 days ago [email protected] (The Hacker News)