8.5 CRITICAL

SAP npm Packages Compromised to Harvest Developer and CI/CD Secrets

📅 29 April 2026 at 17:02 UTC 📰 Cyber Security News

A new supply chain attack dubbed “mini Shai Hulud” has compromised four SAP-related npm packages by injecting malicious preinstall scripts that silently execute during dependency installation, targeting developer environments and CI/CD pipelines to steal credentials across GitHub, npm, and major cloud providers. Security researchers at StepSecurity, Aikido Security, SafeDep, Socket, and Wiz identified that malicious […]

🤖 AI Briefing: Auto-generated threat analysis
🔍 Threat Overview

Four SAP-related npm packages were compromised through a supply chain attack, injecting malicious scripts that steal developer and CI/CD secrets across GitHub, npm, and major cloud providers.

⚙️ Technical Details
Affected Systems: Developer environments and CI/CD pipelines
Attack Vectors: Malicious preinstall scripts injected into the packages and executed during dependency installation
💥 Impact Assessment
Severity: Critical
Who Is at Risk: Developers using affected npm packages, particularly those with access to GitHub, npm, and major cloud provider credentials
🛡️ Recommended Actions
1. Immediately update all affected dependencies to the latest versions
2. Monitor GitHub, npm, and cloud provider accounts for suspicious activity
3. Implement strict access controls and least privilege principles for developer environments and CI/CD pipelines
📦 Affected Products
Software: Four SAP-related npm packages
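
Because the attack vector is a preinstall script that runs at install time, one defensive check is to list every dependency that declares install-time lifecycle scripts and compare it with a reviewed allowlist. The following is an added example, not code from the article or from any of the affected projects; it relies on the `hasInstallScript` flag npm records in v2/v3 lockfiles, and the package names, versions and allowlist are constructed sample data.

```javascript
// Added example: audit an npm lockfile (v2/v3) for packages that run
// install-time lifecycle scripts (preinstall / install / postinstall).
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromPath(lockPath) {
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? lockPath : lockPath.slice(i + marker.length);
}

// Returns every lockfile entry npm flagged with hasInstallScript, marking
// whether "name@version" is on the reviewed allowlist.
function auditLockfile(lock, allowlist = []) {
  const allowed = new Set(allowlist);
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || !entry.hasInstallScript) continue; // "" is the root project
    const name = entry.name || nameFromPath(path); // entry.name is set for aliased packages
    const id = `${name}@${entry.version}`;
    findings.push({ id, path, allowed: allowed.has(id) });
  }
  return findings;
}

// Lists which install-time hooks a single package.json manifest declares.
function installHooks(manifest) {
  const scripts = manifest.scripts || {};
  return INSTALL_HOOKS.filter((h) => typeof scripts[h] === "string" && scripts[h].trim() !== "");
}

// Constructed sample data (package names are hypothetical).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/native-addon": { version: "2.1.0", hasInstallScript: true },
    "node_modules/@example/tooling": { version: "0.4.2", hasInstallScript: true },
    "node_modules/native-addon/node_modules/helper": { version: "1.0.0" },
  },
};
const SAMPLE_MANIFEST = { name: "@example/tooling", scripts: { preinstall: "node setup.js", test: "jest" } };

const report = auditLockfile(SAMPLE_LOCK, ["native-addon@2.1.0"]);
for (const f of report) console.log(f.allowed ? "ok     " : "REVIEW ", f.id, f.path);
console.log("hooks:", installHooks(SAMPLE_MANIFEST).join(", "));
```

To audit a real project, pass the parsed contents of its `package-lock.json` to `auditLockfile`; installing in CI with `npm ci --ignore-scripts` prevents these hooks from running at all.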

This is a curated summary. The complete article is available at Cyber Security News.