Topic: token exfiltration

Self-Replicating Worm Infects 180+ npm Packages in Automated Attack

A self-replicating worm named "Shai-hulud" is spreading through the npm ecosystem, infecting over 180 packages and stealing developer credentials to propagate further. The worm uses stolen authentication tokens to inject malicious code, exfiltrate sensitive data like GitHub and AWS keys, and make...