AntV Compromise Spreads Malware Across 317 npm Packages After 637 Malicious Versions Published
11 articles · Updated · InfoWorld · May 19
A 22-minute burst on May 19 pushed at least 637 malicious versions into 317 npm packages tied to AntV after attackers hijacked a privileged maintainer account.
SafeDep said the breached account, atool, had publish rights across widely used packages including size-sensor, echarts-for-react, @antv/scale and timeago.js, giving the attackers broad reach.
The payload was the Mini-Shai-Hulud worm, which steals npm and GitHub tokens plus credentials from 130 file paths, then stores exfiltrated data in public Dune-themed GitHub repositories that swelled to 2,500.
AntV said infected packages were deleted and remaining ones deprecated, urging users to identify safe versions carefully; security firms advised auditing CI/CD systems and rotating all credentials.
Researchers called it the third major npm supply-chain wave this year, larger and faster than the TanStack and SAP package incidents and a sign of escalating registry attacks.
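One way to act on the "identify safe versions carefully" advice above, as an added example that is not code from AntV, SafeDep or any of the cited articles: the script below walks a package-lock.json and flags every installed version whose registry publish time falls inside a short burst window. The lockfile, the publish timestamps and the window bounds are constructed placeholders, since the page gives no version numbers or clock times.

```python
"""Flag lockfile dependencies whose installed version was published inside a
suspicious registry-time window (the 22-minute May 19 burst). Added example;
lockfile, publish times and window bounds are constructed placeholders."""
import json
from datetime import datetime, timezone

# Constructed package-lock.json (lockfileVersion 3: keys are node_modules paths).
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {
    "": {"name": "demo-app"},
    "node_modules/@antv/scale": {"version": "0.5.0"},
    "node_modules/echarts-for-react": {"version": "3.0.3"},
    "node_modules/echarts-for-react/node_modules/size-sensor": {"version": "1.0.3"},
    "node_modules/timeago.js": {"version": "4.0.2"},
}})

# Constructed stand-in for `npm view <pkg> time --json`: version -> publish time.
SAMPLE_TIMES = {
    "@antv/scale": {"0.5.0": "2026-05-19T14:05:00.000Z"},
    "echarts-for-react": {"3.0.3": "2024-11-02T09:00:00.000Z"},
    "size-sensor": {"1.0.3": "2026-05-19T14:12:30.000Z"},
    "timeago.js": {"4.0.2": "2023-01-15T12:00:00.000Z"},
}

# Assumed 22-minute window; real bounds must come from the published advisory.
WINDOW = (datetime(2026, 5, 19, 14, 0, tzinfo=timezone.utc),
          datetime(2026, 5, 19, 14, 22, tzinfo=timezone.utc))


def lock_entries(lock_json):
    """Yield (name, version) for every installed package, nested copies included."""
    for path, meta in json.loads(lock_json).get("packages", {}).items():
        if not path:
            continue  # "" is the root project, not a dependency
        # The package name is whatever follows the last "node_modules/" segment.
        yield path.rsplit("node_modules/", 1)[-1], meta.get("version")


def published_in_window(lock_json, times, window):
    """Return sorted 'name@version' strings whose publish time falls in window."""
    start, end = window
    hits = []
    for name, version in lock_entries(lock_json):
        stamp = times.get(name, {}).get(version)
        if stamp is None:
            continue  # no registry data for this version: undecidable here
        published = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
        if start <= published <= end:
            hits.append(f"{name}@{version}")
    return sorted(hits)
```

Anything the script flags still needs the advisory's own list of clean versions before it is pinned or removed; a publish time inside the window is a trigger for review, not proof of compromise on its own.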
With attackers now forging 'trusted' software, is our entire supply chain security model obsolete?
How can companies defend against malware that punishes them for fixing a security breach?
"Hundreds of npm Packages Compromised: Inside the Rapid, Wormable 'Mini Shai-Hulud' Supply Chain Attack (May 2026)"
Overview
The "Mini Shai-Hulud" attack, first detected on May 19, 2026, is rapidly spreading through the npm ecosystem by worming its way across open-source registries with remarkable speed. This automated supply chain attack has already infected hundreds of software packages, embedding malicious payloads designed to steal credentials from popular development tools. The campaign’s ability to compromise various registries highlights a serious threat to software supply chain security, as attackers gain access to sensitive authentication information. The scale and speed of this attack underscore the urgent need for enhanced vigilance and stronger security measures across the open-source community.