[Security] Mini Shai-Hulud, NPM Supply Chain Attack

114.29.***.***
8

Hello.

There is a new npm supply chain attack.

For more information, please refer to "Mini Shai-Hulud" search in X.

The risk of VibeCoding using AI Agents has increased.

First, please see the Geeknews article.

Return of Mini Shai-Hulud: Self-Propagating Supply Chain Attack Hits npm Ecosystem (5/11)

https://news.hada.io/topic?id=29427

Many AI-related packages appear to have been targeted.

The packages discovered so far are summarized on the following site.

TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack

https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack

You may also want to read the following article about supply chain attacks.

Reducing npm Package Supply Chain Attacks with Minimum Release Age

https://velog.io/@okorion/Minimum-Release-Age로-npm-패키지-공급망-공격을-줄이기-p6qaw1m8

로그인한 회원만 댓글 등록이 가능합니다.

자유게시판

KR | ID | EN
  • IDR
  • KOR
8.35 -0.01

2026.07.10 KEB 하나은행 고시회차 901회

다가오는 한인 행사일정

  • 등록 된 일정이 없어요!