Threats Tagged 'leoplatform'
View all threats tagged with 'leoplatform'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'leoplatform'
Click on any threat for detailed analysis and mitigation recommendations
Mini Shai-Hulud Hits LeoPlatform npm Packages and GitHub Actions, Expands to the Go Ecosystem 0 A sophisticated supply chain attack campaign linked to Mini Shai-Hulud, Miasma, and Hades malware has compromised LeoPlatform npm packages, GitHub Actions workflows, and the Verana Blockchain Go module. The attack employs binding.gyp install-time execution, Bun-staged JavaScript malware, and encrypted credential exfiltration targeting developer and CI/CD environments. Malicious packages were published through the czirker and llxlr npm accounts in a coordinated burst on June 24, 2026. The campaign steals credentials including npm tokens, GitHub tokens, cloud provider credentials, SSH keys, and AI coding assistant configurations. Attackers use GitHub as dead-drop infrastructure and inject persistence hooks into repositories through orphan branches and fake dependency-update workflows. The RevokeAndItGoesKaboom marker connects this wave to the codfish/semantic-release-action compromise, indicating shared operational tooling. Join the discussion | AlienVault OTX General | 06/26/2026, 03:57:12 UTC Added: 06/26/2026, 08:46:01 UTC |
Showing 1 to 1 of 1 result