Skip to content
#

npm-worm

Star

Here are 2 public repositories matching this topic...

Language: All
Filter by language
All 2 JavaScript 1 Shell 1

dream-horizon-org / sentinel

Star 4

Sentinel Package Manager blocks compromised packages BEFORE installation, preventing malicious code execution. Features: Pre-install blocking, command interception (npm/yarn/pnpm/bun), 795+ blacklist (Shai-Hulud), real-time checks (OSV/GitHub/Snyk), zero dependencies, auto-updates. Counters supply chain attacks.

npm security package-manager blacklist yarn pnpm security-tools bun vulnerability-scanner malware-detection zero-dependencies dependency-security supply-chain-security npm-security shai-hulud supply-chain-attack pre-install-validation package-validation npm-worm compromised-packages
  • Updated Dec 2, 2025
  • JavaScript

copyleftdev / mini-shai-hulud-dragnet

Star 0

Forensic dataset + live dashboard for the 2026-04-29 'A Mini Shai-Hulud has Appeared' npm supply-chain worm by TeamPCP. 1,117 dropbox repos, 22 compromised accounts, 47 IOCs across 14 kinds. Trojaned: @cap-js, mbt, @bitwarden/cli. C2 attribution to AS209101 IP Vendetta Inc. JSONL data · kinetic dashboard · CC-BY-4.0.

ioc incident-response dataset cybersecurity threat-hunting malware-analysis forensic-analysis threat-intelligence bitwarden indicators-of-compromise jsonl credential-theft supply-chain-security cap-js sap-security shai-hulud npm-worm teampcp mini-shai-hulud npm-supply-chain-attack
  • Updated Apr 29, 2026
  • Shell

Improve this page

Add a description, image, and links to the npm-worm topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the npm-worm topic, visit your repo's landing page and select "manage topics."

Learn more