Trusted IT Partner

Portal Portal Products Products Contact
ქართული KA KA English EN EN Русский RU RU
Gambit Updates

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

Jan 1, 2000 Global IT Wire

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central pa…

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the "setup_bun.js" loader and the main payload "bun_environment.js." The

Read the full article on thehackernews.com

Share: LinkedIn X Email
All updates
Tags #it-news

Related updates

Jan 8, 2026
Microsoft 365 MFA rollout checklist (small teams)
Jan 5, 2026
Backups that actually restore: 3-2-1 plus testing
Jan 2, 2026
Wi‑Fi segmentation in plain English (staff, guest, IoT)

Gambit AI Assistant

Ask about our services for organizations. Contact
Assistant is ready.
By using this assistant you agree to our Privacy Policy. Responses may be AI‑generated.
Press ESC or click × to close. Tap Close × or swipe down to dismiss.