ShaiHulud

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

AndyC 27 November 2025

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than...

Read More

Shai-Hulud 2.0: over 14,000 secrets exposed

Shai-Hulud 2.0: over 14,000 secrets exposed

AndyC 25 November 2025

TL;DR: A new wave of the Shai-Hulud supply chain attack targeting NPM packages, dubbed “The Second Coming” by the...

Read More

The future of smart glasses comes into focus

New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security

AndyC 19 September 2025

Being the Dune groupie that I am, I couldn’t pass up the chance to comment on the so-called “Shai-Hulud”...

Read More

Magazine Insights

Self-Replicating Worm Compromising Hundreds of NPM Packages

AndyC 17 September 2025

An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

AndyC 16 December 2025

Business Security Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found Tony Anscombe 12 Dec 2025 • ...

Read More

Amazon Warns Perncious Fake North Korea IT Worker Threat Has Become Widespread

Randall Munroe’s XKCD ‘Fifteen Years’

AndyC 20 December 2025

Why AppSec Can’t Keep Up With AI-Generated Code

Google Shutting Down Dark Web Report Met with Mixed Reactions

AndyC 20 December 2025

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

AndyC 20 December 2025

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025