Developer Compromise 14
- Miasma Mini Shai-Hulud Hits ImmobiliareLabs npm Packages
- Miasma Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem
- Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels
- Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages
- Famous Chollima Targets PHP Developers Through Compromised Packagist Package
- Mini Shai-Hulud Hits @antv Ecosystem, 639 Compromised npm Package Versions
- Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
- Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
- Namastex.ai npm Packages Hit with TeamPCP-Style CanisterWorm Malware
- CanisterWorm: npm Publisher Compromise Deploys Backdoor Across 29+ Packages
- GlassWorm Loader Hits Open VSX via Developer Account Compromise
- Shai Hulud Strikes Again (v2)
- Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages
- npm 'is' Package Hijacked in Expanding Supply Chain Attack