Mini Shai-Hulud: npm Worm Hits SAP Developer Packages | Blog | Endor Labs

endorlabs.com

Four SAP npm packages were weaponized to steal GitHub, cloud, and AI coding tool secrets. The malware uses Bun to slip past Node-based detection.

2 pages link to this URL

AI Agent Config Security Is Supply Chain Security

941 Apps; Blake Crosley Blake Crosley May 18, 2026

AI agent config security belongs in supply-chain review: hooks, editor tasks, install scripts, MCP files, and plugins can execute code before you notice.

0 inbound links website en AI & Technology aiagentssecuritysupply-chainclaude-codehooksdeveloper-tools

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

The Hacker News The Hacker News May 4, 2026

Weekly cybersecurity news: Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major

0 inbound links article en Article