SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Summary
A supply chain attack campaign dubbed 'mini Shai-Hulud' is targeting SAP-related npm packages with credential-stealing malware. Researchers at Aikido Security, SafeDep, Socket, StepSecurity, and Wiz have identified the campaign, which affects JavaScript and cloud application packages associated with SAP.
IFF Assessment
FOE
This is bad news for defenders: it is a sophisticated supply chain attack that turns compromised versions of otherwise legitimate SAP-related packages into credential stealers, so any developer machine or build system that installs an affected version is exposed.
Defender Context
Defenders should treat their software supply chain, and in particular npm dependencies tied to enterprise software such as SAP, as an attack surface rather than trusted input. In practice that means pinning dependencies with a committed lockfile and reviewing any version bump of an SAP-related package against the vendor advisories, checking which installed packages run install-time scripts and where they were resolved from, and, because the payload steals credentials, assuming that any npm, cloud or source-control secrets present on a machine that installed a compromised version are exposed and rotating them.
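The following is an added example, not code from the advisory or from any of the named research vendors, showing how the lockfile review described above can be automated. It reads an npm lockfile (lockfileVersion 2 or 3, whose `packages` map and `hasInstallScript` flag are real npm fields) and flags three things: an exact `name@version` match against an indicator list, a package that declares an install-time lifecycle script, and an artifact resolved from somewhere other than the expected registry. The indicator list, the package names and the lockfile fragment are all constructed for illustration; none of them are real SAP packages or real indicators from this campaign.

```javascript
// Added example (not from the advisory or any vendor): audit an npm lockfile
// against an indicator list and surface the signals a reviewer wants to see.
// Every package name, version and URL below is constructed for illustration
// and is NOT a real indicator.

// Hypothetical indicator list in "name@version" form. A real list would come
// from the vendor advisories; these entries are made up.
const KNOWN_BAD = new Set([
  "@example/sap-ui-helper@2.4.1",
  "example-sap-cloud-sdk@0.9.3",
]);

const TRUSTED_REGISTRY = "https://registry.npmjs.org/";

// package-lock v2/v3 keys entries as "node_modules/<name>", nested as
// "node_modules/a/node_modules/b"; the package name is everything after the
// last "node_modules/" (scoped names keep their "@scope/" prefix).
function nameFromPath(pkgPath) {
  const marker = "node_modules/";
  const idx = pkgPath.lastIndexOf(marker);
  return idx === -1 ? pkgPath : pkgPath.slice(idx + marker.length);
}

// Returns one finding per suspicious package: { id, path, reasons[] }.
function auditLockfile(lockfile, knownBad = KNOWN_BAD) {
  const findings = [];
  const packages = lockfile.packages || {};
  for (const [pkgPath, meta] of Object.entries(packages)) {
    if (pkgPath === "") continue; // the root project entry, not a dependency
    const name = meta.name || nameFromPath(pkgPath);
    const id = `${name}@${meta.version}`;
    const reasons = [];
    // Exact name@version match: a different version of a listed package is
    // deliberately not flagged here, so the list must be kept current.
    if (knownBad.has(id)) reasons.push("matches known-bad indicator");
    // npm sets hasInstallScript when the package declares preinstall,
    // install or postinstall; code that runs at install time deserves a
    // manual look whether or not the package is on a list.
    if (meta.hasInstallScript) reasons.push("declares an install lifecycle script");
    // A resolved URL outside the expected registry means the artifact did
    // not come from where the lockfile consumer assumes it did.
    if (meta.resolved && !meta.resolved.startsWith(TRUSTED_REGISTRY)) {
      reasons.push(`resolved from unexpected source ${meta.resolved}`);
    }
    if (reasons.length > 0) findings.push({ id, path: pkgPath, reasons });
  }
  return findings;
}

// Constructed lockfile fragment for demonstration only.
const SAMPLE_LOCKFILE = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@example/sap-ui-helper": {
      version: "2.4.1",
      resolved: "https://registry.npmjs.org/@example/sap-ui-helper/-/sap-ui-helper-2.4.1.tgz",
      hasInstallScript: true,
    },
    "node_modules/harmless-util": {
      version: "1.0.0",
      resolved: "https://registry.npmjs.org/harmless-util/-/harmless-util-1.0.0.tgz",
    },
    "node_modules/example-sap-cloud-sdk": {
      version: "0.9.2", // listed package, but an unlisted version: not flagged
      resolved: "https://registry.npmjs.org/example-sap-cloud-sdk/-/example-sap-cloud-sdk-0.9.2.tgz",
    },
    "node_modules/example-sap-cloud-sdk/node_modules/inner-dep": {
      version: "3.1.0",
      resolved: "https://mirror.example.internal/inner-dep-3.1.0.tgz",
    },
  },
};

for (const f of auditLockfile(SAMPLE_LOCKFILE)) {
  console.log(`${f.id} (${f.path}): ${f.reasons.join("; ")}`);
}
```

Run against a real project by replacing `SAMPLE_LOCKFILE` with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and `KNOWN_BAD` with the indicators published by the researchers. Matching is exact on `name@version` on purpose: a newly published version of a listed package is exactly what a compromise looks like, so treat the list as something to refresh, not a one-time check. Installing with `npm ci --ignore-scripts` (or `ignore-scripts=true` in `.npmrc`) for builds that do not need native compilation removes the install-time execution path entirely, at the cost of breaking packages that genuinely depend on it.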