Just me recreating the Shai-Hulud 2.0 Worm

For those who don’t know what Shai-Hulud 2.0 is, it’s basically an npm package worm that’s been spreading for the past week. It infects packages by hooking into the preinstall script. I’ll be posting the source code and a detailed write-up soon https://x.com/sarwaroffline https://totallynotabackdoor.site/ submitted by /u/Impossible_Process99 [link] [comments]

from hacking: security in practice https://ift.tt/05GihwI