The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
heise online

New supply chain attack with malicious scripts in npm packages

The security firm Socket warns of a campaign with malicious scripts in npm packages. The analysts have discovered 60 of these packages that contain an infostealer, which in turn spies on a machine ...
GIGAZINE

The popular @ctrl/tinycolor package, downloaded over 2 million times per week, has been compromised along with over 40 other NPM packages in a sophisticated supply chain attack ...

The malware used in Shai-Hulud is capable of self-propagation, automatically infecting other packages managed by the maintainer of the infected package. It also harvests credentials from developer ...