Web Scouter
Back to News
Security News

SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

UnknownApr 29, 2026(about 3 hours ago)

SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling itself the mini Shai-Hulud – has affected the following packages associated with SAP's JavaScript and cloud application

Related News

HIPAA at 21 Years of Compliance: Why the Security Rule May Be Entering a More Prescriptive Era

Unknown29 minutes ago

Roll Tide: Alabama Rolls Out Its Consumer Privacy Law

Unknownabout 1 hour ago

Stop Hallucinating - Boards Must Oversee AI Risk

Unknownabout 1 hour ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.