Product
critical
threat
Shai-Hulud Malware Used in Supply Chain Attack via Compromised npm Packages
3 rules 7 TTPs 3 IOCsThe Shai-Hulud malware was used in a large-scale software supply-chain attack compromising hundreds of packages across open-source software ecosystems by compromising developer secrets and CI/CD pipelines.
router +11
TeamPCP
supply-chain
supply-chain-attack
npm
pypi
credential-theft
shai-hulud
3r
7t
3i
critical
advisory
Compromised Bitwarden CLI npm Package Enables Credential Theft and Information Exfiltration
2 rules 2 TTPsA remote attacker can exploit a compromised Bitwarden CLI npm package to steal credentials and exfiltrate sensitive information.
Bitwarden CLI
supply-chain
credential-theft
exfiltration
npm
2r
2t