SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
EXECUTIVE SUMMARY
Credential-Stealing Malware Targets SAP-Related npm Packages in Supply Chain Attack
Summary
A new supply chain attack has compromised SAP-related npm packages with credential-stealing malware. The campaign, dubbed 'mini Shai-Hulud,' has been identified by multiple cybersecurity firms.
Key Points
- The attack specifically targets npm packages associated with SAP's JavaScript and cloud applications.
- The campaign is named 'mini Shai-Hulud' and is designed to steal credentials.
- Cybersecurity firms involved in identifying the threat include Aikido Security, SafeDep, Socket, StepSecurity, and Wiz.
- The attack highlights vulnerabilities in the supply chain of open-source software packages.
Analysis
This attack underscores the ongoing risks associated with supply chain vulnerabilities, particularly in open-source ecosystems like npm. By targeting widely used SAP-related packages, attackers can potentially access sensitive information across numerous organizations. The involvement of multiple cybersecurity firms in identifying this threat indicates its seriousness and the need for vigilance in monitoring software dependencies.
Conclusion
IT professionals should immediately review and secure their npm dependencies, particularly those related to SAP applications. Regular dependency audits, together with security tooling that monitors for malicious activity in the software supply chain, are recommended to mitigate such risks.