Blockchain security firm SlowMist has uncovered a sophisticated npm worm, dubbed "Mini Shai-Hulud," that is infiltrating prominent developer projects such as TanStack, UiPath, and DraftLab. The worm exploits compromised GitHub credentials to publish malicious packages, embedding a script named router_init.js that executes in CI/CD environments like GitHub Actions. This script is designed to steal CI/CD secrets, cloud infrastructure credentials, and cryptocurrency wallet information.
SlowMist has issued a warning to developers using the affected packages to scan their CI/CD pipelines for the presence of router_init.js, rotate all exposed credentials, and monitor for unusual activity. The firm has also shared threat intelligence with its clients to mitigate the impact of this attack.
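One way to run the scan described above over a repository checkout or CI workspace, as an added example that is not SlowMist's tooling or code from any affected project. It reports every file named router_init.js together with the package that ships it; the check for npm scripts that reference the file is an assumption about how it might be invoked, since the page only names the file.

```python
import json
import os
import sys

INDICATOR = "router_init.js"  # file name reported on the page

def owning_package(path, root):
    """Walk upward from path to the nearest package.json; return 'name@version'."""
    d = os.path.dirname(path)
    while True:
        manifest = os.path.join(d, "package.json")
        if os.path.isfile(manifest):
            try:
                with open(manifest, encoding="utf-8") as fh:
                    meta = json.load(fh)
                return f"{meta.get('name', '?')}@{meta.get('version', '?')}"
            except (OSError, ValueError, AttributeError):
                return "unreadable package.json"
        if d == root or os.path.dirname(d) == d:
            return "no package.json found"
        d = os.path.dirname(d)

def scan(root):
    """Return sorted (kind, path, package) findings for everything under root."""
    root = os.path.abspath(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name == INDICATOR:
                findings.append(("file", full, owning_package(full, root)))
            elif name == "package.json":
                try:
                    with open(full, encoding="utf-8") as fh:
                        scripts = json.load(fh).get("scripts", {})
                except (OSError, ValueError, AttributeError):
                    continue  # malformed manifest: nothing to inspect
                if not isinstance(scripts, dict):
                    continue
                # Assumption: a script entry mentioning the file is worth flagging.
                for hook, cmd in scripts.items():
                    if INDICATOR in str(cmd):
                        findings.append((f"script:{hook}", full, owning_package(full, root)))
    return sorted(findings)

if __name__ == "__main__":
    hits = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, path, pkg in hits:
        print(f"{kind}\t{pkg}\t{path}")
    sys.exit(1 if hits else 0)  # non-zero exit fails the CI step on any hit
```

A clean result only shows the file is absent from the scanned tree at that moment; credentials that were reachable from an affected pipeline run still need rotating.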
SlowMist Identifies 'Mini Shai-Hulud' npm Worm Targeting Developer Projects
