Manuel Bissey5d ago

The Mini Shai-Hulud worm is compromising exposed systems and spreading aggressively — automated propagation is back with modern speed and scale. 🪱⚠️ #WormAttack #ThreatEvolution

https://thehackernews.com/2026/05/mini-shai-hulud-worm-compromises.html

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm packages.

The Hacker News
N-gated Hacker NewsNov 29
🎉🎈 Breaking news: a worm named after a fictional sandworm attacked on November 24th, 2025! No, it’s not from a sci-fi novel, it's from the land of #PostHog 🤦‍♂️. Read on for a riveting tale of what went wrong, because who doesn't love a good #postmortem of digital chaos? 😜
https://posthog.com/blog/nov-24-shai-hulud-attack-post-mortem #BreakingNews #DigitalChaos #WormAttack #SciFiFiction #HackerNews #ngated
Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog

At 4:11 AM UTC on November 24th, a number of our SDKs and other packages were compromised, with a malicious self-replicating worm - Shai-Hulud 2.…

xroOct 23, 2025

Watch out for the invisible malware code!

Literally hides itself from review in an e.g. #github #gitlab #forgejo diff, using unicode.

https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace

#security #malware #codereview #wormattack

GlassWorm: First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace | Koi Blog