PulseAugur
EN
LIVE 04:02:28
ENTITY Sandworm

Sandworm

PulseAugur coverage of Sandworm — every cluster mentioning Sandworm across labs, papers, and developer communities, ranked by signal.

Show in brief
Total · 30d
6
6 over 90d
Releases · 30d
0
0 over 90d
Papers · 30d
0
0 over 90d
TIER MIX · 90D
TOPICS
RELATIONSHIPS
TIMELINE
  1. 2026-05-19 research_milestone The source code for the Shai-Hulud AI worm was publicly released.
SENTIMENT · 30D

1 day(s) with sentiment data

RECENT · PAGE 1/1 · 6 TOTAL
  1. TOOL · CL_83543 ·

    GitHub disables npm auto-run scripts after worm exploit

    GitHub has disabled automatic script execution for npm packages, a feature that allowed packages to run code upon installation. This change was prompted by the exploitation of this functionality by the 'Shai-Hulud' worm…

  2. TOOL · CL_64520 ·

    Shai-Hulud malware infects Red Hat npm packages

    The Shai-Hulud malware has compromised versions of Red Hat's npm packages, with approximately 80,000 downloads occurring weekly. This malicious software is suspected to be the work of the TeamPCP group or a copycat. The…

  3. RESEARCH · CL_46803 ·

    Network allow-lists fail to prevent data exfiltration from sandboxes

    A security vulnerability exists in sandboxing environments that rely solely on network allow-lists for protection. Untrusted code, including AI-generated scripts, can exfiltrate sensitive data like AWS credentials or SS…

  4. TOOL · CL_39134 ·

    Shai-Hulud campaign infects 314 npm packages via account compromise

    A malicious software campaign dubbed Shai-Hulud has infected over 300 npm packages, exploiting compromised developer accounts. This attack highlights the growing threat of AI-assisted attacks targeting software supply c…

  5. TOOL · CL_10864 ·

    Shai-Hulud malware infects PyTorch Lightning AI training library

    A supply chain attack has compromised the PyTorch Lightning AI training library, affecting versions 2.6.2 and 2.6.3. The malicious code, themed after "Shai-Hulud" from Dune, executes automatically upon import and steals…

  6. TOOL · CL_47734 ·

    Replit blocks "Shai-Hulud" worm, protects developers from npm attack

    A severe JavaScript supply chain attack, dubbed "Shai-Hulud," has compromised numerous npm packages, including @ctrl/tinycolor, which has over 2 million weekly downloads. This worm-like malware automatically harvests de…