Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

USB worm

Self-propagating npm supply-chain attack hits at least 187 packages in ‘Shai-Hulud’ worm

Cybercrime, News, Risk, Vendors, Vulnerabilities

September 17, 2025

Security researchers warn of a self-propagating supply-chain attack on npm that has compromised at least 187 packages in a campaign dubbed ‘Shai-Hulud.’ The worm begins with the widely used @ctrl/tinycolor package and spreads to other maintainers’ packages, using a bundle.js payload that leverages TruffleHog to exfiltrate secrets and forge GitHub Actions workflows.
Mustang Panda Deploys SnakeDisk USB Worm and Updated TONESHELL Backdoor, IBM X-Force Warns

Cybercrime, News, Research

September 16, 2025

IBM X-Force reports that the Mustang Panda group has deployed an updated TONESHELL backdoor alongside a new USB worm named SnakeDisk, with SnakeDisk geofenced to Thailand and capable of dropping Yokai, a reverse-shell backdoor. The investigation highlights ongoing evolution within Hive0154 and a focus on targeted regional operations.

About
Editorial Policy
Privacy
Contact