Check Mobile Apps for Shai-Hulud 2.0 npm Attack Exposure with deps_checker

Just pushed an update to deps_checker that makes it simple to check whether any mobile app in a NowSecure account pulls in one of the 790+ packages compromised in the Shai-Hulud 2.0 npm attack.

What's new:
- The `--fetch-shai-hulud` CLI option grabs the latest list of tampered packages automatically.
- Pair it with `--all-app-refs` and it scans every app's latest assessment in one shot.
- You can supply your own package database instead of the built-in options.
- It can be rolled into a cron task to periodically check your app portfolio for exposure.

Since the exact malicious versions are hard to pin down in this wave, the tool matches on package name only: any app whose SBOM mentions one of the manipulated packages gets flagged, regardless of version, so you can start triage fast. Expect that to over-report; a hit means "check which version actually shipped", not "confirmed compromise".

If you're in mobile app sec, customer success, or just want to help teams move quicker when the next supply-chain mess hits, feel free to star it or pass it along. This is a simple open-source standalone tool for now, but it does require a NowSecure account to get the binary SBOM.

#MobileSecurity #AppSec #SupplyChainAttack #SBOM
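The name-only matching described above, as an added example that is not deps_checker's own code: it takes a compromised-package feed (bare names or `name@version` lines), a CycloneDX-style SBOM fragment, and flags every npm component whose name is on the feed no matter which version the app shipped. Both the feed and the SBOM are constructed inline with fictional package names; the purl handling (`pkg:npm/%40scope/name@ver`) follows the purl spec, and the feed format is an assumption.

```python
from __future__ import annotations

import json
import re
from urllib.parse import unquote

# Constructed feed of "compromised" packages. Fictional names; this is NOT
# the real Shai-Hulud 2.0 list. Entries may be bare names or name@version.
COMPROMISED_FEED = """\
# name@version or bare name, one per line
@example-scope/widget-core@3.1.4
example-color-utils
@example-scope/cli-helpers@0.9.2
example-color-utils@2.0.0
"""

# Constructed CycloneDX-style SBOM fragment, shaped like a binary-SBOM export.
# Note widget-core is present at 2.8.0 while the feed names 3.1.4: name-only
# matching flags it anyway, which is the point of the check.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "example-framework", "version": "18.2.0",
     "purl": "pkg:npm/example-framework@18.2.0"},
    {"type": "library", "group": "@example-scope", "name": "widget-core",
     "version": "2.8.0", "purl": "pkg:npm/%40example-scope/widget-core@2.8.0"},
    {"type": "library", "name": "example-color-utils", "version": "1.4.1",
     "purl": "pkg:npm/example-color-utils@1.4.1"},
    {"type": "library", "name": "left-padding-thing", "version": "1.0.0",
     "purl": "pkg:npm/left-padding-thing@1.0.0"}
  ]
}
"""

# Leading "@scope/" is kept; only a trailing "@version" is split off.
_NAME_VERSION = re.compile(r"^(@?[^@]+)(?:@(.+))?$")


def package_name(spec: str) -> str:
    """'@scope/name@1.2.3' -> '@scope/name'; 'name@1.0' -> 'name'; 'name' -> 'name'."""
    m = _NAME_VERSION.match(spec.strip())
    return m.group(1) if m else spec.strip()


def load_feed(text: str) -> set[str]:
    """Normalise the feed to a set of lowercase npm names (versions dropped)."""
    names: set[str] = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        names.add(package_name(line).lower())
    return names


def npm_name_from_purl(purl: str) -> str | None:
    """'pkg:npm/%40scope/name@1.2.3?q=1#sub' -> '@scope/name'; None if not an npm purl."""
    if not purl.startswith("pkg:npm/"):
        return None
    rest = purl[len("pkg:npm/"):]
    rest = rest.split("?", 1)[0].split("#", 1)[0]   # strip qualifiers and subpath
    return package_name(unquote(rest)).lower()       # %40 -> @ before splitting version


def component_name(comp: dict) -> str | None:
    """Prefer the purl; fall back to CycloneDX group/name fields."""
    name = npm_name_from_purl(comp.get("purl", ""))
    if name:
        return name
    base = comp.get("name")
    if not base:
        return None
    group = comp.get("group")
    return (f"{group}/{base}" if group else base).lower()


def find_compromised(sbom: dict, compromised: set[str]) -> list[dict]:
    """Flag every component whose npm name is on the feed, whatever its version."""
    hits = []
    for comp in sbom.get("components", []):
        name = component_name(comp)
        if name and name in compromised:
            hits.append({"name": name, "version": comp.get("version", "?")})
    return hits


def scan(sbom_json: str = SBOM_JSON, feed_text: str = COMPROMISED_FEED) -> list[dict]:
    return find_compromised(json.loads(sbom_json), load_feed(feed_text))


if __name__ == "__main__":
    for hit in scan():
        print(f"FLAG {hit['name']}@{hit['version']} (name on feed; version not checked)")
```

Every hit still needs triage: compare the shipped version against the versions actually known to be malicious once those are published, and check the app's lockfile or build artifact for where the dependency came from.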
