Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

September 18, 2025

Share via:

It’s a bad time to be a JavaScript developer, after Koi Security revealed yesterday that it is tracking “the largest and most dangerous npm supply-chain compromise in history.”

The security firm said the Shai-Hulud malware campaign “has now impacted hundreds of packages across multiple maintainers,” including “popular libraries such as @ctrl/tinycolor as well as packages maintained by CrowdStrike.” (Emphasis theirs.) And the problem is probably going to get worse before it gets better, because the…

Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Previous News

Best Amazon Prime Day tablet deals 2025: My 12 favorite sales ahead of October

Next News

Safety Meets Savings: Score 29% Off With This Eufy Indoor Cam E30 Deal

Tom’s Hardware

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

September 18, 2025

, Published By Tom’s Hardware

Hardware

It’s a bad time to be a JavaScript developer, after Koi Security revealed yesterday that it is tracking “the largest and most dangerous npm supply-chain compromise in history.”

Source link

Disclaimer

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Previous News

Best Amazon Prime Day tablet deals 2025: My 12 favorite sales ahead of October

Next News

Safety Meets Savings: Score 29% Off With This Eufy Indoor Cam E30 Deal

Tom’s Hardware

More like this

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

Disclaimer

Popular

A.I. Has Arrived in Gmail. Here’s What to Know.

Robotics software maker Skild AI hits $14B valuation

Verizon promises to offer credits following massive outage — ‘we will make this right’

Accel Leads $40M Series A for Depthfirst, Pioneering AI-Powered Software Security

StyleX vs. Tailwind: Meta’s Take on CSS-in-JS Maintainability

More Like this

Delaware judge won’t speed up Paramount lawsuit seeking Warner Bros merger details

India at an AI inflection point, $15 bn investment to build data centres, cables, clean energy: Google’s Preeti Lobana

The TEMU Affiliate Program: A Complete Guide to Boosting Your Income and User Engagement

EtherealX Bags $20.5M To Advance Reusable Rocket Development

Apple Watch Ultra 3, iPad Pro, Nomad iPhone cases, more 9to5Mac

CC Surat KLT 4.0 Successfully Brings Together Business Leaders for an Evening of Insight, Learning, and Networking

Shai-Hulud malware campaign dubbed ‘the largest and most dangerous npm supply-chain compromise in history’ — ‘hundreds’ of JavaScript packages affected

Disclaimer

More like this

Delaware judge won’t speed up Paramount lawsuit seeking Warner...

India at an AI inflection point, $15 bn investment...

The TEMU Affiliate Program: A Complete Guide to Boosting...

Popular

Block title

Finnish Startup IXI Plans New Autofocusing Eyeglasses

Intense Technologies Closes Q3 FY26 with INR 34 Cr Revenue and Strong Client Traction

Wellness brand Pee Safe closes a $32 million in funding round with OrbiMed

How to watch NFL Wildcard Round 2025/26: FREE live streams, schedule, preview

Nvidia hires first-ever CMO, snatches former Google exec for the tough job of helping...

US Black Hawk helicopter trespasses on private Montana ranch to grab elk antlers

Asus revised the liquid metal application on its $4,000 ROG Matrix RTX 5090 cards...

Startup Events

Trending News

Delaware judge won’t speed up Paramount lawsuit seeking Warner Bros merger details

India at an AI inflection point, $15 bn investment to build data centres, cables, clean energy: Google’s Preeti Lobana

The TEMU Affiliate Program: A Complete Guide to Boosting Your Income and User Engagement

EtherealX Bags $20.5M To Advance Reusable Rocket Development

Apple Watch Ultra 3, iPad Pro, Nomad iPhone cases, more 9to5Mac

About

Partnership

Contact us