Post AyHEbLkcWsvtSnGu3M by gmcgath@liberdon.com
 (DIR) More posts by gmcgath@liberdon.com
 (DIR) Post #AyHEbKLljnSZ7QdXg8 by BleepingComputer@infosec.exchange
       2025-09-16T16:47:02Z
       
       0 likes, 0 repeats
       
       Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike's npm namespace.https://www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/
       
 (DIR) Post #AyHEbLkcWsvtSnGu3M by gmcgath@liberdon.com
       2025-09-16T22:02:28Z
       
       0 likes, 0 repeats
       
       @BleepingComputer "Shai Hulud" sounds like a REALLY nasty worm.