National Cyber Warfare Foundation (NCWF)

Shai-Hulud: A Persistent Secret Leaking Campaign
0 user ratings		2025-09-16 19:09:38
milo
Blue Team (CND)

On September 15, a new supply chain attack was identified that targeted the @ctrl/tinycolor and 150 other NPM packages. The attack scenario was similar to the one used in the s1ngularity and GhostActions campaigns. The threat actors combined a local environment secrets extraction with a malicious GitHub actions workflow


The post Shai-Hulud: A Persistent Secret Leaking Campaign appeared first on Security Boulevard.



Gaƫtan Ferry

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/09/shai-hulud-a-persistent-secret-leaking-campaign/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.