npm Revokes Write Tokens in “Mini Shai-Hulud” Incident as Researchers Warn Local Backdoors Persist
npm has revoked granular write-access tokens tied to compromised developer accounts in an effort to curb a new wave of the self-replicating “Mini Shai-Hulud” supply-chain worm. The platform also urged users to rotate secrets and move to Trusted Publishing, but researchers say infected machines can still leak data locally. The latest spike followed the compromise of the npm account “atool,” which published 637 malicious versions across 323 packages in 27 minutes.
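The burst that the article describes (hundreds of versions across hundreds of packages within half an hour) is exactly the shape a registry-side or organisation-side monitor can flag. The following is an added example, not code from the article or from npm: a sliding-window detector over publish events that reports any publisher exceeding a version count within a time window. The events, the account names and the thresholds (`max_versions`, `window`) are constructed for illustration; a real deployment would feed it publish events from the registry's audit feed or an internal proxy log.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def make_sample_events():
    """Constructed sample publish events, not real registry data.

    Each event is (publisher, package, version, timestamp)."""
    t0 = datetime(2025, 1, 1, 12, 0, 0)
    events = []
    # A normal maintainer: three releases of one package, days apart.
    for i in range(3):
        events.append(("maintainer-a", "pkg-a", f"1.{i}.0", t0 + timedelta(days=i)))
    # A hypothetical compromised account: 40 versions across 20 packages
    # pushed at 15-second intervals, i.e. within about ten minutes.
    for i in range(40):
        events.append(("suspect-account", f"pkg-{i % 20}", f"9.9.{i}",
                       t0 + timedelta(seconds=15 * i)))
    return events


def find_publish_bursts(events, max_versions=20, window=timedelta(minutes=30)):
    """Flag publishers whose version count inside any sliding window of
    length `window` exceeds `max_versions` (both thresholds are assumptions).

    Returns {publisher: (versions_in_window, distinct_packages, start, end)}
    using the densest window found for that publisher."""
    by_publisher = defaultdict(list)
    for publisher, package, version, ts in events:
        by_publisher[publisher].append((ts, package, version))

    flagged = {}
    for publisher, evs in by_publisher.items():
        evs.sort()  # sort by timestamp; tuples tie-break on package/version
        left = 0
        best = None
        for right in range(len(evs)):
            # Shrink the window from the left until it spans at most `window`.
            while evs[right][0] - evs[left][0] > window:
                left += 1
            count = right - left + 1
            if count > max_versions and (best is None or count > best[0]):
                packages = {e[1] for e in evs[left:right + 1]}
                best = (count, len(packages), evs[left][0], evs[right][0])
        if best is not None:
            flagged[publisher] = best
    return flagged


if __name__ == "__main__":
    for publisher, (count, pkgs, start, end) in find_publish_bursts(make_sample_events()).items():
        print(f"{publisher}: {count} versions across {pkgs} packages "
              f"between {start:%H:%M:%S} and {end:%H:%M:%S}")
```

The detector is deliberately simple: it keys on publisher rather than package, because a worm that has stolen one account's write token spreads across every package that account can publish to, which is the pattern the article reports. Revoking the token stops further publishes but does not clean up machines that already ran an infected version, so this check complements, rather than replaces, local credential rotation.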