MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
ever
Search

PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle

Friday November 28, 2025. 05:22 PM , from TheRegister
Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm
PostHog says the Shai-Hulud 2.0 npm worm compromise was 'the largest and most impactful security incident' it's ever experienced after attackers slipped malicious releases into its JavaScript SDKs and tried to auto-loot developer credentials.…
Read more at TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/11/28/posthog_shaihulud/

Related News

ever Security updates for Friday LWN.netNov 28
security Security researchers caution app developers about risks in using Google Antigravity InfoWorldNov 28
posthog OpenAI admits data breach after analytics partner hit by phishing attack InfoWorldNov 27
its Security updates for Thursday LWN.netNov 27
shai-hulud Asahi admits ransomware gang may have spilled almost 2M people's data TheRegisterNov 27
npm Security updates for Wednesday LWN.netNov 26
worm Wyze launches new Window Cam for indoor window-mounted security BetaNewsNov 25
into Security updates for Tuesday LWN.netNov 25
admits New Shai-Hulud worm spreading through npm, GitHub InfoWorldNov 25
biggest Shai-Hulud worm returns, belches secrets to 25K GitHub repos TheRegisterNov 24
bungle Security updates for Monday LWN.netNov 24
ever Microsoft admits almost all major Windows 11 core features are broken OS NewsNov 24
security How has cloud flipped the regular security narrative? ComputerWorldNov 24
posthog Cryptologist DJB Criticizes Push to Finalize Non-Hybrid Security for Post-Quantum Cryptography SlashdotNov 23
its SEC Dismisses Case Against SolarWinds, Top Security Officer SlashdotNov 22
shai-hulud Microsoft Finally Admits Almost All Major Windows 11 Core Features Are Broken SlashdotNov 21
npm Rhyme is the key to set AIs free when verse outsmarts security TheRegisterNov 21
worm Security updates for Friday LWN.netNov 21
into Security teams want automation but 96 percent face problems implementing it BetaNewsNov 21
admits Fired Techie Admits Sabotaging Ex-Employer, Causing $862K In Damage SlashdotNov 21
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Nov, Fri 28 - 18:38 CET