Hackers Compromise Open-Source Packages in Ongoing Supply-Chain Attack

Hackers have compromised dozens of popular open-source packages in an ongoing supply-chain attack campaign known as Mini Shai-Hulud. The attack targets open-source projects, impacting developers and companies that rely on these compromised packages. No specific technical details, such as CVE IDs, affected package names, or exact numbers of victims, were provided in the report. The campaign is described as active and part of a broader effort to exploit software supply chains. The attack vector and precise timeline remain unspecified.