Multiple Node.js Modules compromised in supply chain attack to harvest credentials (Shai-Hulud) (11/25/2025)

Version 1.6

Jan 5, 2026, 10:40 PM

Detection (Added Check for OS Managed Packages)
Detection (Exclude certain ZTE CGSL directories by default. Modified Plugins to call Nodejs specific functions for reporting)