A new wave of malicious npm packages is targeting developers who work with cloud and serverless infrastructure. The threat, known as the Shai-Hulud payload carrying the Hades malware family, has now expanded its reach to the Leo/RStreams ecosystem, a set of libraries widely used for AWS-native event streaming and data pipelines. Security teams are raising […] The post Shai-Hulud Payload Steals GitHub, npm, Cloud, CI/CD, and SSH Credentials From Developers appeared first on Cyber Security News .