The Hacker News

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

Researchers uncovered 5GB of leaked credentials from JSONFormatter and CodeBeautify, exposing sensitive data across critical ...
Security Boulevard

The Latest Shai-Hulud Malware is Faster and More Dangerous

A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more ...
SecurityWeek

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.

Code beautifiers expose credentials from banks, govt, tech orgs

Thousands of credentials, authentication keys, and configuration data impacting organizations in sensitive sectors have been ...
Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...