Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

September 18, 2025

Share via:

It’s a bad time to be a JavaScript developer, after Koi Security revealed yesterday that it is tracking “the largest and most dangerous npm supply-chain compromise in history.”

The security firm said the Shai-Hulud malware campaign “has now impacted hundreds of packages across multiple maintainers,” including “popular libraries such as @ctrl/tinycolor as well as packages maintained by CrowdStrike.” (Emphasis theirs.) And the problem is probably going to get worse before it gets better, because the…

Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Previous News

Best Amazon Prime Day tablet deals 2025: My 12 favorite sales ahead of October

Next News

Safety Meets Savings: Score 29% Off With This Eufy Indoor Cam E30 Deal

Tom’s Hardware

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

September 18, 2025

, Published By Tom’s Hardware

Hardware

It’s a bad time to be a JavaScript developer, after Koi Security revealed yesterday that it is tracking “the largest and most dangerous npm supply-chain compromise in history.”

Source link

Disclaimer

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Previous News

Best Amazon Prime Day tablet deals 2025: My 12 favorite sales ahead of October

Next News

Safety Meets Savings: Score 29% Off With This Eufy Indoor Cam E30 Deal

Tom’s Hardware

More like this

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

Disclaimer

Popular

Skene raises €800,000 to turn software products into growth engines with autonomous AI agents

$200M Tokenized Water Infrastructure Planned For Southeast Asia

What Google SERPs Will Reward in 2026

Our Favorite Coway Air Purifiers Are on Sale (2026)

Civilization VII is headed to iPhone and iPad with “Arcade Edition”

More Like this

Mentra’s first smart glasses are open-source and come with their own app store

Here’s Your First Look at Sophie Turner’s Lara Croft

My Spotify Library Was Boring, So I Asked ChatGPT to Create New Playlists

My Spotify Library Was Boring, So I Asked ChatGPT to Create New Playlists

Dell’s mega award-winning 34-inch Alienware QD-OLED gaming monitor drops to $499 all-time low pricing — grab yours in today’s clearance sale

Dell’s mega award-winning 34-inch Alienware QD-OLED gaming monitor drops to $499 all-time low pricing — grab yours in today’s clearance sale

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

Disclaimer

More like this

Mentra’s first smart glasses are open-source and come with...

Here’s Your First Look at Sophie Turner’s Lara Croft

My Spotify Library Was Boring, So I Asked ChatGPT...

Popular

Block title

Amazon said to push suppliers for cuts ahead of tariff ruling

The Download: The case for AI slop, and helping CRISPR fulfill its promise

Cars24 posts Rs 651 Cr adjusted revenue in H1 FY26; cuts burn by 36%

Britain Awards Wind Farm Contracts That Will Power 12 Million Homes

PEAK dev goes on ramble about game pricing — and he’s right

The Fight on Capitol Hill to Make It Easier to Fix Your Car

Indie App Spotlight: ‘Zephy’ makes plane spotting easy, with an AirTag-style interface

Startup Events

Trending News

Mentra’s first smart glasses are open-source and come with their own app store

Here’s Your First Look at Sophie Turner’s Lara Croft

My Spotify Library Was Boring, So I Asked ChatGPT to Create New Playlists

My Spotify Library Was Boring, So I Asked ChatGPT to Create New Playlists

Dell’s mega award-winning 34-inch Alienware QD-OLED gaming monitor drops to $499 all-time low pricing — grab yours in today’s clearance sale

About

Partnership

Contact us