{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihmdybq6rl46dauv743qdqyfeno5imaul4i35ga33hwt4lblfjldq",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3ml6uun75s2i2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicclp7byh6wm4ig5com372uksy6eauecjt3kige3vq4mghoa3kuka"
    },
    "mimeType": "image/webp",
    "size": 23204
  },
  "path": "/mini-shai-hulud-attack-poisons-sap-npm-packages-to-steal-github-cloud-and-ai-coding-secrets/",
  "publishedAt": "2026-05-05T16:36:26.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Mini Shai-Hulud attack poisons SAP npm packages to steal GitHub, cloud, and AI coding secrets",
    "VPN Central",
    "@cap-js"
  ],
  "textContent": "A new npm supply chain attack hit SAP’s developer ecosystem by poisoning four packages used in SAP CAP and Cloud MTA build workflows. The campaign, tracked as Mini Shai-Hulud, used malicious preinstall scripts to steal developer and CI/CD secrets before npm installation finished. The affected packages were mbt, @cap-js/sqlite, @cap-js/postgres, and @cap-js/db-service. Developers or build […]\n\nThe post Mini Shai-Hulud attack poisons SAP npm packages to steal GitHub, cloud, and AI coding secrets appeared first on VPN Central.",
  "title": "Mini Shai-Hulud attack poisons SAP npm packages to steal GitHub, cloud, and AI coding secrets"
}