Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A supply chain attack, known as Mini Shai-Hulud, has compromised an npm maintainer account and published over 300 malicious packages targeting the AntV ecosystem. The compromised packages may enable credential theft, particularly in continuous integration and continuous deployment (CI/CD) environments. The attack has been reported to affect the @antv ecosystem, with multiple sources confirming the breach.
Full coverage
12345