cross-posted from: https://lemmy.bestiver.se/post/758000
“Bless the Maker and His water.
Bless the coming and going of Him.
May His passage cleanse the world.
May He keep the world for His people.”
Shai-Hulud Returns: Over 300 NPM Packages Infected
Submitted 1 day ago by cyrano@piefed.social to technology@lemmy.world
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
Comments
_cryptagion@anarchist.nexus 1 day ago
InternetCitizen2@lemmy.world 1 day ago
camdog2000@ttrpg.network 19 hours ago
I avoid NPM like the plague.
I feel like I’m better off for it.
fubarx@lemmy.world 18 hours ago
That is pretty evil.
Without signing attestation (both developer and code) there will be no way to find out who was responsible and stop the propagation. This will happen again.
NOT_RICK@lemmy.world 1 day ago
Thought this was a reference to the hardcore band for a second… seeing them next month for the first time. I’m pumped! Sucks the malware is back
Schmuppes@lemmy.today 1 day ago
It’s surely a reference to the Dune novels.
NOT_RICK@lemmy.world 1 day ago
Yup
SnoringEarthworm@sh.itjust.works 1 day ago
No Way To Prevent This" Says Only Package Manager Where This Regularly Happens
InternetCitizen2@lemmy.world 1 day ago
Real question? Is it really isolated to npm or is there a few lessons others could take and discover their own vulnerabilities?
frongt@lemmy.zip 1 day ago
It happens in python pip too.
nyan@lemmy.cafe 1 day ago
Python and Ruby have both had various repo issues too.
I’ve never heard of anything similar with Perl, but that may partly be because applications for new developers who want to join CPAN still appear to be processed by humans, with up to a couple of weeks lag. The time inefficiency plus the language being less popular probably makes it an unattractive target.