chain attack

Kaspersky shares details about the npm Shai-Hulud worm supply chain attack

Kaspersky Threat Research has conducted an analysis of the Shai-Hulud worm’s patient zero package, providing insights into how the self-replicating malware launched its widespread supply chain attack on the npm ecosystem. According to the latest Kaspersky research, the Shai-Hulud worm infected 190 unique packages across 530 total package versions, indicating that many packages had multiple compromised versions published during the…