Web Scouter
Back to News
Security NewsHighIncidentsupply chain

Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

UnknownMay 12, 2026(about 2 hours ago)

A supply-chain attack named Shai-Hulud compromised npm and PyPI packages, delivering credential-stealing malware targeting developers.

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers. [...]

Related News

Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform

Unknown7 minutes ago

West Pharmaceutical Services Hit by Disruptive Ransomware Attack

Unknown34 minutes ago

Apple Patches Dozens of Vulnerabilities in macOS, iOS

Unknownabout 1 hour ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.