Skip to main content

Briefing Zero-days CVEs IOCs NewsActors Vendors Licenses Help

⌘+KWorkspace→

Real-time security intelligence — KEV, CVEs, exploits, threat actors and IOCs unified into one live view.

Sources Status API docs Licenses Help Security disclosure

© 2026 ZeroDayAttack · Public data from CISA · NIST · MITRE · FIRST · OSV · GitHub · abuse.ch — not a security advisory.

Built by Kiril Urbonas

ZeroDayAttack — AppSec intelligence aggregator

Search

111 results

For "Shai-Hulud" across CVEs, vendor advisories, threat actors, IOCs, security research, and news. Also searching: npm, supply chain, tinycolor

All111 Vulnerabilities50 Threat actors0 Vendor advisories0 Research50 News11 IOCs0

Instant answer

shai-hulud

npm self-replicating supply-chain worm targeting popular packages, Sept-Oct 2025+.

Search "npm"Search "supply chain"Search "tinycolor"Search "self-replicating worm"

Vulnerabilities

50

OSV-MAL-2026-5314—4 d ago
Malicious code in embiggen (PyPI)
OSV-MAL-2026-5316—4 d ago
Malicious code in gpsea (PyPI)
OSV-MAL-2026-5324—4 d ago
Malicious code in pyphetools (PyPI)
OSV-MAL-2026-5322—4 d ago
Malicious code in phenopacket-store-toolkit (PyPI)

OSV-MAL-2026-5323—4 d ago

Malicious code in ppkt2synergy (PyPI)

OSV-MAL-2026-5731—9 h ago

Malicious code in houzidawang807 (npm)

OSV-MAL-2026-5729—9 h ago

Malicious code in houzidawang806 (npm)

OSV-MAL-2026-5732—9 h ago

Malicious code in houzidawang808 (npm)

OSV-MAL-2026-5737—9 h ago

Malicious code in postcss-minify-selector-parser (npm)

OSV-MAL-2026-5730—9 h ago

Malicious code in class-synth (npm)

OSV-MAL-2026-5738—9 h ago

Malicious code in postinstall-logger-7x9z (npm)

OSV-MAL-2026-5736—9 h ago

Malicious code in node-stack-frames (npm)

OSV-MAL-2026-5734—9 h ago

Malicious code in node-denv (npm)

OSV-MAL-2026-5739—9 h ago

Malicious code in sheratan_haha (npm)

OSV-MAL-2026-5735—9 h ago

Malicious code in node-multi-downloader (npm)

OSV-MAL-2026-5733—9 h ago

Malicious code in node-app-doctor (npm)

OSV-MAL-2026-5716—12 h ago

Malicious code in beamz (npm)

OSV-MAL-2026-5728—12 h ago

Malicious code in vite-config-react (npm)

OSV-MAL-2026-5727—12 h ago

Malicious code in vite-config-optimizer (npm)

OSV-MAL-2026-5726—12 h ago

Malicious code in ecto_module (npm)

CVE-2026-44705—13 h ago

tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix,

OSV-MAL-2026-5723—14 h ago

Malicious code in @ci-lifecycle-test/postinstall-ping (npm)

OSV-MAL-2026-5724—14 h ago

Malicious code in warp-dependency (npm)

OSV-MAL-2026-5718—19 h ago

Malicious code in ect-472839-ctf (npm)

OSV-MAL-2026-5721—19 h ago

Malicious code in ect-839201-ctf (npm)

OSV-MAL-2026-5720—19 h ago

Malicious code in ect-839201 (npm)

OSV-MAL-2026-5719—19 h ago

Malicious code in ect-654321 (npm)

OSV-MAL-2026-5717—19 h ago

Malicious code in claudechor (npm)

OSV-MAL-2026-5710—19 h ago

Malicious code in chalk-plus-ts (npm)

OSV-MAL-2026-5709—19 h ago

Malicious code in chalk-plus-js (npm)

OSV-MAL-2026-5715—19 h ago

Malicious code in workflow-postgres-setup (npm)

OSV-MAL-2026-5711—19 h ago

Malicious code in chalk-pro (npm)

OSV-MAL-2026-5712—19 h ago

Malicious code in jextic-eclib (npm)

OSV-MAL-2026-5713—19 h ago

Malicious code in vite-plugin-compress-js (npm)

OSV-MAL-2026-5714—19 h ago

Malicious code in vite-plugin-logo (npm)

OSV-GHSA-gv7w-rqvm-qjhr—20 h ago

esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY

OSV-MAL-2026-5677—20 h ago

Malicious code in worker-build (npm)

OSV-MAL-2026-5672—20 h ago

Malicious code in vqlxjmpr (npm)

OSV-MAL-2026-5576—20 h ago

Malicious code in vite-tsconfig (npm)

OSV-MAL-2026-5708—20 h ago

Malicious code in vite-svgr (npm)

OSV-MAL-2026-5701—20 h ago

Malicious code in vite-react-toolkit (npm)

OSV-MAL-2026-4703—20 h ago

Malicious code in veteran (npm)

OSV-MAL-2026-5633—20 h ago

Malicious code in typeorm-encrypt (npm)

OSV-MAL-2026-5638—20 h ago

Malicious code in tw-fluid-type (npm)

OSV-MAL-2026-5406—20 h ago

Malicious code in ui-weave (npm)

OSV-MAL-2026-5707—20 h ago

Malicious code in ttspc-server-sample (npm)

OSV-MAL-2026-3774—20 h ago

Malicious code in ts-build-optimize (npm)

OSV-MAL-2026-5705—20 h ago

Malicious code in theta-connector (npm)

OSV-MAL-2026-5706—20 h ago

Malicious code in theta-kit (npm)

OSV-MAL-2026-4682—20 h ago

Malicious code in tango-app-api-trax (npm)