Supply-chain threat intelligence

Incident detail

criticalmaven·maintainer compromise·github

Malicious code in org.mvnpm:posthog-node (Maven)

org.mvnpm:posthog-node

Risk score

92

AI summary

Indexed incident for org.mvnpm:posthog-node (maven).

Description

This package was compromised by the Sha1-Hulud: The Second Coming NPM worm.
The malicious payload steals tokens and credentials and publishes them to
GitHub. The worm will propogate itself to NPM packages the user owns and
establish persistence is a GitHub action.
The package may also destroy the user's home directory.

Technical details

Indicators

  • ghsa
    95%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents