The never-ending supply chain attacks worm into SAP npm packages, other dev tools

Summary

A new supply chain attack has been discovered, targeting SAP and Intercom npm packages, as well as the lightning PyPI package. The attack is attributed to a threat actor known as 'Mini Shai-Hulud,' which is spreading credential-stealing malware.

IFF Assessment

FOE

This article describes a supply chain attack that compromises developer tools, which can lead to widespread infection and credential theft, posing a significant threat to organizations.

Defender Context

Supply chain attacks continue to be a major threat, as compromising development tools allows attackers to inject malicious code into legitimate software. Defenders should maintain strict access controls and rigorous testing of all dependencies, especially those from open-source repositories.
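One concrete form of the "rigorous testing of all dependencies" recommended above is a lockfile audit run before install in CI. The script below is an added example written for this digest, not code from the article or from any of the projects it names. It reads an npm package-lock.json (v2/v3 "packages" map) together with the installed packages' own package.json manifests, and flags dependencies that lack an integrity hash, resolve from a host outside the expected registry, or declare install-time lifecycle scripts (npm runs those with the developer's privileges, which is the general mechanism behind install-time credential theft). The lockfile, manifests, package names, and the trusted-host set are all constructed assumptions for the example.

```python
"""Lockfile hygiene check for npm dependencies (added example, not from the article).

Flags lockfile entries that:
  * lack an 'integrity' hash (the tarball cannot be verified against the registry),
  * resolve to a URL outside the expected registry host,
  * declare install-time lifecycle scripts (run on 'npm install' with the
    developer's privileges).
The sample lockfile and manifests below are constructed for the example.
"""
import json
import os
from urllib.parse import urlparse

# Assumption: only the public registry is expected; add an internal mirror here if used.
TRUSTED_REGISTRY_HOSTS = {"registry.npmjs.org"}
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed lockfile fragment; package names, URLs and hashes are placeholders.
SAMPLE_LOCKFILE = {
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "version": "1.0.0"},
        "node_modules/good-lib": {
            "version": "2.1.0",
            "resolved": "https://registry.npmjs.org/good-lib/-/good-lib-2.1.0.tgz",
            "integrity": "sha512-PLACEHOLDERHASH",
        },
        "node_modules/no-integrity-lib": {
            "version": "0.3.1",
            "resolved": "https://registry.npmjs.org/no-integrity-lib/-/no-integrity-lib-0.3.1.tgz",
        },
        "node_modules/offsite-lib": {
            "version": "1.4.2",
            "resolved": "https://example-mirror.invalid/offsite-lib-1.4.2.tgz",
            "integrity": "sha512-PLACEHOLDERHASH2",
        },
    },
}

# Constructed per-package manifests keyed by lockfile path, standing in for
# node_modules/<pkg>/package.json as it would exist after installation.
SAMPLE_MANIFESTS = {
    "node_modules/good-lib": {"name": "good-lib", "scripts": {"test": "jest"}},
    "node_modules/no-integrity-lib": {
        "name": "no-integrity-lib",
        "scripts": {"postinstall": "node setup.js"},
    },
    "node_modules/offsite-lib": {"name": "offsite-lib"},
}


def audit_lockfile(lockfile: dict, manifests: dict) -> dict:
    """Return {lockfile path: [finding, ...]} for every dependency with an issue."""
    findings = {}
    for path, entry in lockfile.get("packages", {}).items():
        if path == "":
            continue  # the root project itself, not a dependency
        issues = []
        if "integrity" not in entry:
            issues.append("missing integrity hash")
        resolved = entry.get("resolved")
        if resolved:
            host = urlparse(resolved).hostname
            if host not in TRUSTED_REGISTRY_HOSTS:
                issues.append(f"resolved from untrusted host {host}")
        scripts = manifests.get(path, {}).get("scripts", {})
        hooks = [h for h in LIFECYCLE_HOOKS if h in scripts]
        if hooks:
            issues.append("install-time scripts: " + ", ".join(hooks))
        if issues:
            findings[path] = issues
    return findings


def audit_lockfile_on_disk(lockfile_path: str) -> dict:
    """Same audit against a real package-lock.json and the manifests installed beside it."""
    project_root = os.path.dirname(os.path.abspath(lockfile_path))
    with open(lockfile_path, encoding="utf-8") as fh:
        lock = json.load(fh)
    manifests = {}
    for path in lock.get("packages", {}):
        manifest_file = os.path.join(project_root, path, "package.json")
        if path and os.path.isfile(manifest_file):
            with open(manifest_file, encoding="utf-8") as fh:
                manifests[path] = json.load(fh)
    return audit_lockfile(lock, manifests)


if __name__ == "__main__":
    for pkg, issues in audit_lockfile(SAMPLE_LOCKFILE, SAMPLE_MANIFESTS).items():
        print(f"{pkg}: {'; '.join(issues)}")
```

In a pipeline, `audit_lockfile_on_disk("package-lock.json")` returning a non-empty dict is the signal to fail the build and have a human look at the flagged packages; pairing it with `npm ci --ignore-scripts` for the install step keeps any install-time hook from running until it has been reviewed.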
