Credential-Stealing Malware Targets SAP-Related npm Packages

Cybersecurity experts have raised concerns over a new supply chain attack known as mini Shai-Hulud. This campaign has illicitly compromised various npm packages related to SAP's JavaScript and cloud applications, deploying malware designed to steal user credentials. Leading cybersecurity firms, including Aikido Security and Google-owned Wiz, have reported on the ongoing threats posed by this attack. The situation highlights the importance of safeguarding software supply chains and staying vigilant against potential security risks associated with third-party packages. Users and organizations using SAP-related technologies are urged to monitor their systems for any unusual activities and to employ robust cybersecurity measures. Source: CyberSathi.in.