GitHub - Shai Hulud Second Supply-Chain Attack
Detect malicious or impersonated npm packages linked to the Shai Hulud supply-chain attack across GitHub repos.
Monitor and detect vulnerable or impersonated packages tied to the Shai Hulud supply-chain attack across GitHub repositories. This app identifies compromised npm packages on main and master branches, helping security teams rapidly assess exposure and prioritize remediation.
Who is it for?
Security, AppSec, and engineering teams responsible for code integrity and protecting GitHub repositories from malware or supply-chain threats.
What problems does it solve?
Identify affected packages, helping teams quickly investigate and respond.
Key security questions
Are any GitHub repositories using npm packages tied to the Shai Hulud attack?
Which main or master branches are impacted?
Which specific packages and versions are affected?