New Supply Chain Attack Targets SAP npm Packages with Credential Theft

A recent supply chain attack has compromised SAP-related npm packages, raising concerns about credential theft and software supply chain security.

Cybersecurity researchers have identified a significant supply chain attack campaign dubbed 'mini Shai-Hulud,' which targets npm packages associated with SAP. This campaign has been detailed by multiple cybersecurity firms, including Aikido Security, Onapsis, and Google-owned Wiz. The compromised packages have been found to contain malware specifically designed to steal user credentials, highlighting the increasing sophistication of supply chain threats in the software ecosystem.

For businesses using SAP and npm packages, this incident underscores the need for stronger security measures within their software supply chains. Companies should prioritize regular audits and monitoring of third-party dependencies so that vulnerabilities are identified promptly. Robust access controls and credential management practices can also mitigate the risks associated with credential theft. The incident is a reminder that cybersecurity threats, particularly within supply chains, continue to evolve and call for a proactive approach to safeguarding sensitive information.

---

*Originally reported by [The Hacker News](https://thehackernews.com/2026/04/sap-npm-packages-compromised-by-mini.html)*