https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.aikido.dev%2Fblog%2Fmini-shai-hulud-antv-npm-supply-chain-attack&data=05%7C02%7Ckimberly.kaleta%40sra.io%7Cdd52318a082b4e986c8d08deb83486d8%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639150732908655853%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=qOWF%2Fm0izFh07Cs%2B0AyDNT6sxdN%2B6Svq5U9B4IpTsiw%3D&reserved=0#new_tab 2026-05-22T19:31:53Z Security Risk Advisors en Mini Shai-Hulud supply chain worm compromises hundreds of npm packages and forges valid Sigstore provenance to evade trust controls. 2026-05-22T19:31:53Z Blog https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fwebworm-new-burrowing-techniques%2F%23iocs&data=05%7C02%7Ckimberly.kaleta%40sra.io%7C78460625de9d4dbe810a08deb8347b1f%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639150732703845136%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=R7fI7IoewAEKJhbwY%2BunGuymk1kQNIGWZQXFfsxI5Hc%3D&reserved=0#new_tab 2026-05-22T19:30:42Z Security Risk Advisors en 🚩 China-aligned Webworm expands espionage operations with Discord and Microsoft Graph API malware plus stealth proxy infrastructure. 2026-05-22T19:30:42Z Blog https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ox.security%2Fblog%2Fnorth-korean-npm-infostealer-rat%2F&data=05%7C02%7Ckimberly.kaleta%40sra.io%7Ce287724e32554fd5b18908deb83478da%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639150732671509078%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=1dgHVePnevZhYwxykcv6mXdLzEXEMtmD86KUzuOpEAQ%3D&reserved=0#new_tab 2026-05-22T19:29:19Z Security Risk Advisors en 🚩 North Korean-linked npm malware targets developers with Telegram theft, SSH key harvesting, and full remote access capabilities. 2026-05-22T19:29:19Z Blog