6 stories tagged with #npm-package, in publish-time order across the WeSearch catalog. Tag pages update as new stories ingest.
⌘ RSS feed for this tag → or search "Npm Package"
Experts say supply chain attacks compromised SAP and Intercom npm packages, plus the PyPI package Lightning, in a campaign that calls itself Mini Shai-Hulud (Jessica Lyons/The Register)
Jessica Lyons / The Register : Experts say supply chain attacks compromised SAP and Intercom npm packages, plus the PyPI package Lightning, in a campaign that calls itself Mini Sha…
Oruk (global breaking news wire with SSE, REST API, and MCP support)
oruk is a live broadcast intelligence API delivering real-time news, SSE streams, and MCP server access. Be the first to know everything happening right now.…
The never-ending supply chain attacks worm into SAP npm packages, other dev tools
Mini Shai-Hulud caught spreading credential-stealing malware The wave of supply chain attacks aimed at security and developer tools has washed up more victims, namely SAP and Inter…
Intercom-client NPM package and lightning PyPI packages compromised
TeamPCP has delivered another software supply chain attack that they are calling mini shai-hulud. This campaign borrows ts best trick from North Korean campaigns like PolinRider a…
Official SAP NPM packages compromised to steal credentials
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials and authentication tokens from developers' systems.…