Shai-Hulud worm returns, belches secrets to 25K GitHub repos

Trojanized npm packages spread new variant that executes in pre-install phase, hitting thousands within days
A self-propagating malware targeting node package managers (npm) is back for a second round, according to Wiz researchers who say that more than 25,000 developers had their secrets compromised within three days.…The RegisterRead More