First Shai-Hulud Worm Clones Emerge
At least one threat actor has adopted the recently released malware source code in attacks against NPM developers. The post First Shai-Hulud Worm Clones Emerge appeared first on SecurityWeek.
The first Shai-Hulud worm clones emerged only days after TeamPCP released the malware’s source code on GitHub, Ox Security reports.
Shai-Hulud was first used in supply chain attacks against the open source software ecosystem in September 2025, and then again in November, in campaigns that hit hundreds of NPM packages and likely infected thousands of developers.
The malware was designed to steal credentials, API keys, tokens, and other secrets from the infected machines and use them for self-propagation by injecting itself into the packages maintained by the victims and publishing malicious versions on their behalf.
Source: https://www.securityweek.com/first-shai-hulud-worm-clones-emerge/
Related breach coverage
- TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code2026-05-15
The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek.
- PoC Code Published for Critical NGINX Vulnerability2026-05-16
Introduced in 2008, the critical-severity security defect was patched this week in NGINX Plus and NGINX open source. The post PoC Code Published for Critical NGINX Vulnerability appeared first on SecurityWeek.
- Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 20262026-05-15
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek.
- Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere2026-05-14
Independent benchmarking finds Mythos highly effective for source code audits, reverse engineering, and native-code analysis, though its exploit validation and reasoning capabilities remain inconsistent. The post Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere appeared first on SecurityWeek.