National Cyber Warfare Foundation (NCWF)

New Mini-Shai-Hulud Wave Targets NPM, PyPi Packages and VSCode Extension (Campaign)
0 user ratings		2026-05-20 12:06:21
milo
Attacks
Researchers identified a broad TeamPCP-linked supply chain campaign involving malicious NPM packages, compromised GitHub Actions, a trojanized VSCode extension, and malicious PyPI packages targeting cloud and CI/CD environments. The campaign includes large-scale credential the...

Researchers identified a broad TeamPCP-linked supply chain campaign involving malicious NPM packages, compromised GitHub Actions, a trojanized VSCode extension, and malicious PyPI packages targeting cloud and CI/CD environments. The campaign includes large-scale credential the...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/new-mini-shai-hulud-wave-targets-npm-pypi-packages-and-vscode-extension

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.