Product
critical
threat
Shai-Hulud Malware Used in Supply Chain Attack via Compromised npm Packages
3 rules 7 TTPs 3 IOCsThe Shai-Hulud malware was used in a large-scale software supply-chain attack compromising hundreds of packages across open-source software ecosystems by compromising developer secrets and CI/CD pipelines.
router +11
TeamPCP
supply-chain
supply-chain-attack
npm
pypi
credential-theft
shai-hulud
3r
7t
3i
critical
advisory
SAP Commerce Cloud Unauthenticated Remote Code Execution (CVE-2026-34263)
2 rules 1 TTP 1 CVESAP Commerce Cloud is vulnerable to unauthenticated malicious configuration upload and code injection due to improper Spring Security configuration, resulting in arbitrary server-side code execution.
Commerce cloud
CVE-2026-34263
rce
sap
spring security
2r
1t
1c