Koi: Secure Every Software Install
Koi gives security teams full visibility and control over extensions, packages, apps, and models—detect risks, enforce policy, and protect endpoints.| www.koi.security
Koi gives security teams full visibility and control over extensions, packages, apps, and models—detect risks, enforce policy, and protect endpoints.| www.koi.security
%20(1).png)
We are tracking the largest and most dangerous npm supply-chain compromise in history, known as the Shai-Hulud malware campaign, which has now impacted hundreds of packages across multiple maintainers. This includes popular libraries such as @ctrl/tinycolor as well as packages maintained by CrowdStrike. Malicious versions embed a trojanized script (bundle.js) designed to steal developer credentials, exfiltrate secrets, and persist in repositories and endpoints through automated workflows. The...| www.koi.security
