1. Supply Chain Attack: TeamPCP's Mini Shai-Hulud Exploits Trusted Publishing to Compromise 160+ npm Packages
A sophisticated npm supply chain attack, codenamed Mini Shai-Hulud and attributed to the threat actor TeamPCP, has compromised over 160 packages, according to cybersecurity community reports. The campaign represents a notable escalation in software supply chain threats, moving beyond conventional typosquatting techniqu...