1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom
Briefly

"The Mini Shai-Hulud supply chain attack has been linked to TeamPCP, with malicious versions of four SAP NPM packages delivering information-stealing malware that collects credentials and secrets."
"Over 1,800 repositories containing stolen developer credentials have been created as part of the Mini Shai-Hulud attacks, which appear to be a continuation of earlier supply chain attacks."
"The Lightning Python package and intercom-client NPM package were injected with malware, which included a dedicated infrastructure for data exfiltration and a dynamic fallback mechanism for searching GitHub."
The Mini Shai-Hulud supply chain attack, attributed to TeamPCP, affected over 1,800 developers across the PyPI, NPM, and PHP ecosystems. Malicious versions of SAP NPM packages were found delivering information-stealing malware. This malware collected sensitive data from infected machines and published it to GitHub. The attack also compromised the Lightning PyPI and intercom-client NPM packages, which have significant download counts. The campaign is a continuation of previous supply chain attacks and has expanded to include the intercom-php package, which has a large user base.
Read at SecurityWeek