Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

The TeamPCP Mini Shai-Hulud worm compromised 323 npm packages across 639 malicious versions, targeting widely used JavaScript data visualization libraries with millions of weekly downloads. The worm steals credentials from cloud platforms, CI/CD pipelines, and payment systems, and forges SLSA provenance attestations — meaning infected packages passed supply chain verification controls. Full worm source code has been published on BreachForums, enabling copycat campaigns.

Author

Tech Jacks Solutions