PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle

Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm compromise was "the largest and most impactful security incident"…