Information security
fromThe Hacker News
14 hours agoMini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP modified npm and PyPI packages to run obfuscated environment profiling and credential stealing, exfiltrating data via external domains and GitHub token abuse.