Back to Feed
BreachesJul 16, 2026

Suno Breached via Shai-Hulud Worm, Leaked Code Exposes AI Music Scraping

Suno AI music generator breached via Shai-Hulud worm; leaked code exposes YouTube/Deezer scraping.

Summary

AI music generator Suno was breached in November 2025 after a developer was infected with the Shai-Hulud worm, which harvested GitHub and cloud credentials. The leaked source code reveals Suno scraped music from YouTube, Deezer, Genius, and other platforms to train its models, confirming RIAA allegations. The breach exposed customer records and Stripe payment data; Shai-Hulud has since evolved into multiple variants affecting thousands of open-source repositories.

Full text

Security NewsNext.js moves to scheduled security releasesVercel is formalizing a monthly release program for Next.js. The change follows React2Shell and a sharp rise in AI-assisted vulnerability discovery.By Sarah Gooding - Jul 16, 2026

Indicators of Compromise

  • malware — Shai-Hulud
  • malware — SANDWORM_MODE
  • malware — Mini Shai-Hulud

Entities

Suno (product)Vercel (vendor)CrowdStrike (vendor)npm (technology)GitHub (technology)ellie.191 (threat_actor)