🦜 Step Security Blog
@www.stepsecurity.io@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline!
Brought to you by the RSS Parrot.
---
The latest from StepSecurity — practical guidance, product updates, and threat insights to help secure your CI/CD pipelines and stay ahead of supply chain attacks
Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem
https://www.stepsecurity.io/blog/shai-hulud-here-we-go-again-mass-npm-supply-chain-attack-hits-the-antv-ecosystem
Published: May 19, 2026 06:57
A new wave of the Mini Shai-Hulud worm has compromised packages across Alibaba's AntV data visualization ecosystem, echarts-for-react, timeago.js, and dozens more. Stolen CI/CD secrets are being dumped to thousands of public GitHub repositories as the…
Compromised atool npm Account Delivers CI/CD Credential Stealer Across 24 Packages (echarts-for-react package, timeago.js)
https://www.stepsecurity.io/blog/compromised-atool-npm-account-delivers-ci-cd-credential-stealer-across-24-packages-echarts-for-react-package-timeago-js
Published: May 19, 2026 04:33
The npm account atool (email i@hust.cc, associated with hustcc on GitHub — author of timeago.js and a maintainer of the AntV visualization ecosystem) was compromised. The attacker published two waves of malicious releases across 24 packages in a 10-minute…
actions-cool/issues-helper GitHub Action Compromised: All Tags Point to Imposter Commit That Exfiltrates CI/CD Credentials
https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials
Published: May 18, 2026 20:18
The popular GitHub Action actions-cool/issues-helper has been compromised. Every existing tag in the repository has been moved to point to a single imposter commit that does not appear in the action's normal commit history. That commit contains malicious…
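The summary above describes the tell-tale pattern of a tag-moving attack: every release tag of the action resolves to one commit that is not reachable from the repository's normal history. The following is an added example, not code from StepSecurity or from the issues-helper project, showing the two checks a consumer of any third-party Action can run before trusting a tag: is each tag's commit an ancestor of the default branch, and have many distinct tags collapsed onto a single commit? The inputs are constructed here; in practice they come from `git rev-parse "<tag>^{commit}"` and `git rev-list origin/main` (or whatever the default branch is named). The `pin_for` helper and the threshold of three tags are illustrative choices, not project conventions.

```python
"""Audit the tags of a GitHub Action repository for the tag-moving pattern
described above: tags that resolve to a commit outside the default branch's
history, and many tags collapsed onto one commit.

Added example (not StepSecurity's or issues-helper's code). All SHAs and
tags below are constructed sample data.
"""
from collections import Counter

# Constructed: commits reachable from the default branch, newest first, in the
# order `git rev-list origin/main` would print them. Fake 40-hex SHAs.
DEFAULT_BRANCH_HISTORY = [
    "c3" * 20,
    "b2" * 20,
    "a1" * 20,
]

# Constructed: state after tampering. Every tag has been re-pointed at one
# commit that is not in the branch history (the imposter commit).
TAGS_AFTER_TAMPERING = {
    "v1": "ee" * 20,
    "v1.0.0": "ee" * 20,
    "v2": "ee" * 20,
    "v2.3.1": "ee" * 20,
    "v3": "ee" * 20,
}

# Constructed: healthy baseline, tags spread across real history.
TAGS_HEALTHY = {
    "v1": "a1" * 20,
    "v2": "b2" * 20,
    "v3": "c3" * 20,
}


def audit_tags(tags, branch_history, collapse_threshold=3):
    """Return (orphaned_tags, collapsed_commit).

    orphaned_tags: tags whose commit is not reachable from the default branch
    (sorted by name).
    collapsed_commit: the commit shared by `collapse_threshold` or more tags,
    or None. Release tags for different versions normally point at different
    commits, so a single commit carrying many tags is suspicious on its own.
    """
    reachable = set(branch_history)
    orphaned = sorted(t for t, sha in tags.items() if sha not in reachable)

    collapsed = None
    counts = Counter(tags.values())
    if counts:
        sha, n = counts.most_common(1)[0]
        if n >= collapse_threshold:
            collapsed = sha
    return orphaned, collapsed


def pin_for(owner_repo, tag, tags):
    """Render a `uses:` line pinned to the full commit SHA rather than the
    movable tag. Hypothetical helper for illustration."""
    return f"uses: {owner_repo}@{tags[tag]}  # {tag}"


if __name__ == "__main__":
    for label, tags in (("tampered", TAGS_AFTER_TAMPERING), ("healthy", TAGS_HEALTHY)):
        orphaned, collapsed = audit_tags(tags, DEFAULT_BRANCH_HISTORY)
        print(f"{label}: orphaned tags={orphaned} collapsed onto={collapsed}")
    # Pinning to the SHA recorded at review time means a later tag move does
    # nothing to workflows that already reference the commit.
    print(pin_for("actions-cool/issues-helper", "v3", TAGS_HEALTHY))
```

Running this prints the five orphaned tags and the shared imposter SHA for the tampered state, and nothing for the healthy baseline. Pinning `uses:` to a full commit SHA is the durable mitigation: a moved tag cannot change which commit an already-pinned workflow runs.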
Nx Console VS Code Extension Compromised
https://www.stepsecurity.io/blog/nx-console-vs-code-extension-compromised
Published: May 18, 2026 19:25
Introducing Secure Registry: install-time defense for the npm supply chain
https://www.stepsecurity.io/blog/introducing-secure-registry-install-time-defense-for-the-npm-supply-chain
Published: May 18, 2026 15:16
Introducing Secure Registry by StepSecurity: install-time defense for the npm supply chain. Block malicious packages, enforce package cooldowns, and protect CI/CD pipelines, developer machines, and artifact managers from modern software supply chain…
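The "package cooldown" mentioned above is a generic install-time control: refuse any version published less than N days ago, so a hijacked release is caught by the community before it reaches your pipeline. The following added example is not StepSecurity's Secure Registry code; it shows the decision logic over the shape of data that `npm view <pkg> time --json` returns (the timestamps and version numbers here are constructed). The seven-day window and the fixed clock are assumptions for the example.

```python
"""Select the newest version of an npm package that has aged past a cooldown
window, and report the versions the cooldown blocks.

Added example, not StepSecurity's or npm's code. The JSON below mimics the
output shape of `npm view <pkg> time --json`; its contents are constructed.
"""
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: two releases landed eight minutes apart this morning,
# the pattern of a rapid-fire malicious publish.
NPM_TIME_JSON = json.dumps({
    "created": "2023-01-10T12:00:00.000Z",
    "modified": "2026-05-19T04:41:00.000Z",
    "1.4.0": "2025-11-02T09:15:00.000Z",
    "1.4.1": "2026-02-14T18:30:00.000Z",
    "1.5.0-beta.1": "2026-05-01T10:00:00.000Z",
    "1.5.0": "2026-05-19T04:33:00.000Z",
    "1.5.1": "2026-05-19T04:41:00.000Z",
})

# Constructed clock so the example is deterministic offline.
NOW = datetime(2026, 5, 19, 12, 0, tzinfo=timezone.utc)


def parse_version(version):
    """Return a sortable tuple for plain x.y.z versions, or None for anything
    else (prereleases such as 1.5.0-beta.1 are skipped by this example)."""
    parts = version.split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def select_version(time_json, cooldown_days, now):
    """Return (chosen_version, blocked_versions).

    chosen_version: newest release published at or before now - cooldown,
    or None if nothing has aged enough yet.
    blocked_versions: releases still inside the cooldown window, oldest first.
    """
    times = json.loads(time_json)
    cutoff = now - timedelta(days=cooldown_days)
    eligible, blocked = [], []
    for version, stamp in times.items():
        if version in ("created", "modified"):
            continue  # registry metadata, not releases
        key = parse_version(version)
        if key is None:
            continue
        published = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
        (eligible if published <= cutoff else blocked).append((key, version))
    eligible.sort()
    blocked.sort()
    chosen = eligible[-1][1] if eligible else None
    return chosen, [v for _, v in blocked]


if __name__ == "__main__":
    chosen, blocked = select_version(NPM_TIME_JSON, cooldown_days=7, now=NOW)
    print(f"install {chosen}; held back by cooldown: {blocked}")
```

With a seven-day window the example installs 1.4.1 and holds back 1.5.0 and 1.5.1, which is exactly the protection a cooldown buys when an account-takeover wave publishes several versions within minutes. Setting the window to zero reduces the check to ordinary "latest" resolution.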
Active Supply Chain Attack: Malicious node-ipc Versions Published to npm
https://www.stepsecurity.io/blog/node-ipc-npm-supply-chain-attack
Published: May 14, 2026 16:26
StepSecurity has detected multiple malicious releases of the popular node-ipc npm package. Three versions are currently known to be compromised, containing an obfuscated payload…
Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Compromises TanStack npm Packages
https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
Published: May 11, 2026 21:22
The Mini Shai-Hulud worm is actively compromising legitimate npm packages by hijacking CI/CD pipelines and stealing developer secrets. StepSecurity's OSS Package Security Feed first detected the attack in official @tanstack packages and is tracking its…
Shai-Hulud Strikes TanStack: A Supply Chain Attack Targeting Millions of React Developers
https://www.stepsecurity.io/blog/shai-hulud-strikes-tanstack-a-supply-chain-attack-targeting-millions-of-react-developers
Published: May 11, 2026 20:23
The Shai-Hulud worm compromised 5 official @tanstack packages across 10 malicious versions, injecting credential-stealing malware into one of the most popular React routing libraries. StepSecurity's OSS Package Security Feed detected the compromise and is…
TanStack npm Packages Compromised
https://www.stepsecurity.io/blog/tanstack-npm-packages-compromised
Published: May 11, 2026 20:07
TanStack