Security News Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies BleepingComputer Daniel Bender 26 Jan 2026 The defense mechanisms that NPM introduced after the 'Shai-Hulud' supply-chain attacks have weaknesses that allow threat actors to bypass them via Git dependencies.
