Shai-Hulud Part 2: When the Worm Forged Its Own Security Certificate by Lucie Cardiet
TeamPCP open-sourced Shai-Hulud today. The OIDC token extraction technique that made the TanStack attack different from every previous campaign is now a public toolkit.