Shai-Hulud NPM attack #7287

FlachyJoe · 2025-09-19T10:18:08Z

FlachyJoe
Sep 19, 2025

Hi!
What's your current recommendation about the NPM environment compromision by the so-named Shai-Hulud worm?

Could we still update MeshCentral without risks?

si458 · 2025-09-19T10:54:28Z

si458
Sep 19, 2025
Collaborator

Links??? Not header about other npm attacks apart from one other week which we checked and we arent effected by it

0 replies

FlachyJoe · 2025-09-19T13:00:43Z

FlachyJoe
Sep 19, 2025
Author

I've only read mainstream media reports like https://www.securityweek.com/shai-hulud-supply-chain-attack-worm-used-to-steal-secrets-180-npm-packages-hit/ or https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack
And https://github.com/Cobenian/shai-hulud-detect

1 reply

si458 Sep 19, 2025
Collaborator

just had quick look at packages exposed, we dont use ANY of them, we are old school here 👍
looks quite serious tho! will readup a little more about it when i get chance tonight in bed 👍

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Shai-Hulud NPM attack #7287

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Shai-Hulud NPM attack #7287

Uh oh!

FlachyJoe Sep 19, 2025

Replies: 2 comments · 1 reply

Uh oh!

si458 Sep 19, 2025 Collaborator

Uh oh!

FlachyJoe Sep 19, 2025 Author

Uh oh!

si458 Sep 19, 2025 Collaborator

FlachyJoe
Sep 19, 2025

Replies: 2 comments 1 reply

si458
Sep 19, 2025
Collaborator

FlachyJoe
Sep 19, 2025
Author

si458 Sep 19, 2025
Collaborator