Morning Overview on MSN
A supply chain attack called 'Mini Shai-Hulud' poisoned official SAP packages and stole developer credentials through AI coding agent configs
On April 29, 2026, someone hijacked four widely used SAP packages on the npm registry, slipped credential-stealing malware ...
Morning Overview on MSN
Malicious SAP npm packages with 500,000 weekly downloads were stealing developer passwords and cloud secrets for days
For a few critical days at the end of April 2026, thousands of developers building SAP integrations unknowingly handed their ...
Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding tool configurations.
TeamPCP's extensive supply chain campaign continued this week, as the cybercriminal group compromised several SAP npm packages in a "Mini Shai Hulud" attack. The compromised packages went live ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results