TruffleHog

Entity category: PRODUCT

Business

NPM Malware Attack Exposed 400,000 Developer Secrets

December 4, 2025
NPM logo in red and white on a dark background with red circles.

A malware campaign called Shai-Hulud compromised hundreds of NPM packages, exposing roughly 400,000 raw secrets from thousands of GitHub repositories,…

Read More »
BigTech Companies

500 npm Packages Infected by Shai-Hulud Malware Leaking Secrets

November 26, 2025
NPM logo in red and white on a dark gradient background.

Over 500 npm packages, including popular tools like Zapier and Postman, have been compromised by the Shai-Hulud malware, which steals…

Read More »
BigTech Companies

Crimson Collective Hackers Breach AWS for Data Theft

October 10, 2025
A hooded figure with a digital face displaying code, set against a blurred city background.

The Crimson Collective is a hacking group infiltrating AWS infrastructures to steal sensitive data and extort organizations, as seen in…

Read More »
BigTech Companies

Self-Propagating Attack Infects 187 npm Packages

September 19, 2025
npm logo in a red neon tunnel, symbolizing the vast network of JavaScript packages.

A self-propagating worm named 'Shai-Hulud' has compromised at least 187 npm packages, starting with @ctrl/tinycolor and spreading to include modules…

Read More »