bluedoor dataTrust Centers APIbluedoor.sh

Home / Security updates / Security Advisory

Security Advisory

Security updates detail rendered from /security-updates/upd_5a12e8ae199ec3fa.

Overview

IDupd_5a12e8ae199ec3fa
CollectionSecurity Updates
ProviderSafeBase
CompanyArmis
URL-
Counts-
Updated-

Raw record

FieldValue
idupd_5a12e8ae199ec3fa
providerIdsafebase
organizationIdorg_7c3080d82f254133
trustCenterIdtc_47fb85fb9f9d3db2
titleSecurity Advisory
message### Security Advisory: Armis Unaffected by "Shai-Hulud" npm Supply Chain Attack 馃敂 ##### Dear Customer, Armis is actively tracking an ongoing software supply chain attack named "Shai-Hulud," involving malicious packages published to the npm registry on September 15, 2025. Our security team has conducted a thorough investigation, and we can confirm that the Armis Centrix platform is not affected by this campaign. Our review has verified that we do not utilize any of the hundreds of malicious package versions identified in this attack. ##### Background on the "Shai-Hulud" Campaign The "Shai-Hulud" campaign delivers data-stealing malware through a post-install script embedded in compromised npm packages. The attack specifically targets the software development lifecycle (SDLC) and developer workstations. **Execution:** Once a developer installs a malicious package, the script activates and harvests sensitive data, including environment variables, cloud keys, and other secrets. **Da
url-
publishedAt2025-09-17
source
{
  "field": "statuspage/public/compliance-update",
  "category": "incidents"
}
company
{
  "id": "org_7c3080d82f254133",
  "name": "Armis",
  "domains": [
    "trust.armis.com",
    "armis.com"
  ]
}
trust_center
{
  "id": "tc_47fb85fb9f9d3db2",
  "name": "Armis",
  "url": "https://trust.armis.com",
  "host": "trust.armis.com"
}
provider
{
  "id": "safebase",
  "name": "SafeBase"
}
links
{
  "self": "/v1/security-updates/upd_5a12e8ae199ec3fa",
  "company": "/v1/companies/org_7c3080d82f254133",
  "trust_center": "/v1/trust-centers/tc_47fb85fb9f9d3db2",
  "provider": "/v1/providers/safebase"
}
Get this page with API

Rendered from the bluedoor Trust Centers API. Reproduce it:

GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_5a12e8ae199ec3faJSON