THREATOPS
THREAT OPSThreat News › "A Mini Shai-Hulud Has Appeared": Bun-Based Stealer Hits SAP @cap-js and mbt npm Packages

"A Mini Shai-Hulud Has Appeared": Bun-Based Stealer Hits SAP @cap-js and mbt npm Packages

infosnykPublished 2026-04-29

A new npm supply chain attack self-branded "Mini Shai-Hulud" compromised four SAP-ecosystem packages on April 29, 2026. Snyk has live advisories. Here's the technical breakdown, IOCs, and what to do.

Original source: https://snyk.io/blog/bun-based-stealer-hits-sap-cap-js-mbt-npm-packages/