[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftxl1nzPBR8O-U1ioVuah-i1SptkUD2br-dzo5Dmxa6A":3},{"article":4,"iocs":45},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":11,"published_at":13,"ingested_at":14,"relevance_score":15,"entities":16,"category_id":25,"category":26,"article_tags":29},"d106936a-3705-4b5c-8255-175a95a2e0be","🤢 UGLY\n- Official SAP npm packages compromised in supply chain attack\n- Attackers targeted devel...","ugly-official-sap-npm-packages-compromised-in-supply-chain-attack-attackers-targ-3adcb0","🤢 UGLY\n- Official SAP npm packages compromised in supply chain attack\n- Attackers targeted developer credentials and authentication tokens\n\nFull breakdown → https:\u002F\u002Ft.co\u002FJvqGNnFokO","Attackers compromised official SAP packages on npm registry, injecting malicious code to steal developer credentials and authentication tokens. This supply chain attack leveraged the trust developers place in official vendor packages to gain access to downstream systems and potentially sensitive infrastructure.","Official SAP npm packages compromised in supply chain attack targeting developer credentials.",null,"https:\u002F\u002Fx.com\u002FSentinelOne\u002Fstatus\u002F2050290329040081368","2026-05-01T19:04:41+00:00","2026-05-01T20:00:11.877269+00:00",9,[17,20,23],{"name":18,"type":19},"SAP","vendor",{"name":21,"type":22},"npm","technology",{"name":24,"type":22},"developer credentials","26b0b636-0e31-4db1-bffb-61bdf9f20a58",{"id":25,"icon":11,"name":27,"slug":28},"Supply Chain","supply-chain",[30,35,40],{"category":31},{"id":32,"icon":11,"name":33,"slug":34},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":36},{"id":37,"icon":11,"name":38,"slug":39},"ade75414-7914-4e23-a450-48b64546ee70","Open Source","open-source",{"category":41},{"id":42,"icon":11,"name":43,"slug":44},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[46],{"type":34,"value":47,"context":48},"SAP npm package injection","Malicious code injected into official SAP npm packages to harvest credentials and tokens"]