PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle

News
Yanac

Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm compromise was “the largest and most impactful security incident” it’s ever experienced after attackers slipped malicious releases into its JavaScript SDKs and tried to auto-loot developer credentials.…The Register – SecurityRead More