Hundreds of Repos Compromised by NPM Worm Shai-Hulud скачать в хорошем качестве

Hundreds of Repos Compromised by NPM Worm Shai-Hulud

Unpacking the Largest NPM Breach: Shai-Hulud Attack Explained Excalidraw: https://link.excalidraw.com/l/6qFzFKI... Relevant Vendor Blogs: Step Security - https://www.stepsecurity.io/blog/ctrl... Aikido - https://www.aikido.dev/blog/s1ngulari... Socket - https://socket.dev/blog/ongoing-suppl... Ox - https://www.ox.security/blog/npm-2-0-... Safety - https://www.getsafety.com/blog-posts/... Phoenix - https://phoenix.security/npm-tinycolo... Wiz - https://www.wiz.io/blog/shai-hulud-np... Semgrep - https://semgrep.dev/blog/2025/securit... In this episode, we delve into the latest and largest NPM breach known as the Shai-Hulud attack. Learn about the various vulnerabilities in using open-source dependencies and how attackers exploited GitHub repositories to extract secrets. Discover why this attack is unique with its self-propagating nature and the significant impact it has had on hundreds of repositories. We discuss mitigation strategies, including pinning dependency versions and using monitoring tools like EBPF to safeguard your development pipelines. Don't miss this crucial information to protect your projects from similar threats. 00:00 Introduction to the NPM Breach 00:12 Understanding Open Source Vulnerabilities 00:28 The Shai-Hulud Attack Breakdown 01:51 Self-Propagation Mechanism 02:17 Mitigation Strategies 02:49 Tools and Monitoring Solutions 04:26 Conclusion and Future Implications