A sophisticated supply chain attack has compromised hundreds of npm packages and exposed secrets from tens of thousands of GitHub repositories, with cybersecurity researchers now documenting how attackers weaponized GitHub Actions workflows to bootstrap one of the most aggressive worm campaigns in recent memory. On November 24, 2025, at 4:11 AM UTC, malicious versions of […]

The post Shai Hulud v2 Exploits GitHub Actions to Steal Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/shai-hulud-v2/