New Shai-Hulud malware wave compromises 600 npm packages
Over Security - Cybersecurity news aggregator [Unofficial]
May 19, 2026
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign.
Discussion in the ATmosphere