Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
Source
SnykMini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Accountsnyk.ioYou might also wanna read
Microsoft uncovers supply chain attack: Compromised @antv npm packages steal CI/CD credentials via Mini Shai-Hulud malware
Microsoft has identified an active supply chain attack targeting the @antv npm package ecosystem. A threat actor compromised an @antv mainta
317 npm Packages Compromised in Mini Shai-Hulud Supply Chain Attack
A major npm supply chain attack occurred on May 19, 2026, when the npm account of maintainer "atool" was compromised. The attacker published
Shai-Hulud: Largest npm Supply-Chain Compromise Affecting CrowdStrike and Hundreds of Packages
The Shai-Hulud malware campaign represents the largest and most dangerous npm supply-chain compromise in history, affecting hundreds of pack
GitLab Identifies Large-Scale npm Supply Chain Attack with Destructive Malware
GitLab's security researchers have uncovered a large-scale supply chain attack in the npm ecosystem involving a destructive malware variant
Red Hat npm packages compromised in Miasma supply chain attack exposing developer credentials
Security researchers at Wiz have identified a campaign called Miasma, the latest evolution of the Shai-Hulud malware family, targeting npm s
Microsoft uncovers npm supply chain attack stealing cloud and CI/CD credentials via typosquatted packages
Microsoft identified an active supply chain attack (Mini Shai-Hulud campaign) targeting the npm package ecosystem. On May 28, 2026, a threat

Comments
Sign in to join the conversation.
No comments yet. Be the first.