{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreicufjlvtkpguc7b6zzcfj5xawpruiplwp6eqfybq5veigducupx7y",
    "uri": "at://did:plc:udsddln6gss4o4oazy7l4qpu/app.bsky.feed.post/3mludhuadbau2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreihr5mtecagyiwcnuy36u2qpghvql6vfgjibmn2c4s54bzkhowvov4"
    },
    "mimeType": "image/png",
    "size": 839102
  },
  "path": "/gemstuffer-shai-hulud-supply-chain-attacks-rubygems-npm-pypi/",
  "publishedAt": "2026-05-08T12:00:00.000Z",
  "site": "https://securitycareers.help",
  "textContent": "GemStuffer hit RubyGems with 155 malicious packages. Mini Shai-Hulud worm compromised 170+ npm and PyPI packages including Mistral AI and TanStack. Here's what happened and why it matters.",
  "title": "GemStuffer and Shai-Hulud: Two Supply Chain Attacks That Should Have Every Developer's Attention"
}