[varunsharma07]

The Mini Shai-Hulud worm is actively compromising legitimate npm packages by hijacking CI/CD pipelines and stealing developer secrets. StepSecurity's OSS Package Security Feed first detected the attack in official @tanstack packages and is tracking its spread across the ecosystem in real time.

[janice1999]

How did you guys detect it? Do you use it internally or do you monitor popular packages?

[varunsharma07]

We have built an AI Package Analyst https://app.stepsecurity.io/oss-security-feed and also monitor them using https://github.com/step-security/harden-runner for runtime behavior.