Credential Theft

Shai-Hulud Worm Infects 187 npm Packages, Steals Secrets and Self‑Replicates via Stolen Tokens

Researchers link the campaign to August’s s1ngularity/Nx breach, cautioning that automated spread could reignite if any compromised maintainer credentials persist.