Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP npm packages in a new campaign named Mini Shai Hulud. The operation relies on injecting malicious pre-install scripts that execute silently during dependency installation. By leveraging a multi-stage payload, the […]

The post Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/compromised-sap-npm-packages/