Powered by SafeDepPowered by SafeDepNote: This report is updated by a verification record
Confirmed malicious package as part of coordinated supply chain attack targeting npm ecosystem
Confirmed malicious package as part of coordinated supply chain attack targeting npm ecosystem
Note: This report is updated by a verification record
Part of the Shai Hulud Second Coming supply chain attack campaign. This malicious package was designed to steal credentials and exfiltrate sensitive data from developer environments.