Storyline
Mini Shai-Hulud supply chain attack compromises npm ecosystem and CI/CD credentials
A new supply chain attack dubbed Mini Shai-Hulud has compromised 323 npm packages maintained by @antv, including widely used data-visualization libraries like echarts-for-react.
Published 2026-05-18 08:57 UTC · Updated 2026-05-20 20:31 UTC
Evidence trail (top sources)
Top sources (2 domains). Domains are deduped. Counts indicate coverage, not truth. 2 top sources shown.
limited source diversity in top sources
Overview
- Score total: 0.99
- Momentum 24h: 2
- Posts: 2
- Origins: 2
- Source types: 1
- Duplicate ratio: 0%
Why now
- Attack discovered recently with active exploitation in the wild.
- Malicious payload designed to evade detection and forge provenance complicates incident response.
- High download volume of affected packages amplifies blast radius and urgency for mitigation.
Why it matters
- Compromise of popular npm packages risks widespread credential theft across CI/CD pipelines.
- Attack targets multiple cloud and secret management platforms, increasing potential impact.
- Supply chain attacks on open source ecosystems threaten software development and deployment security.
Continuity snapshot
- Trend status: insufficient_history.
- Continuity stage: chatter.
- Current status: open.
- 2 current source-linked posts are attached to this storyline.
All evidence
New Mini Shai-Hulud attack targets npm ecosystem
SC Media · scworld.com · 2026-05-20 20:31 UTC
Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
Microsoft Security Blog · microsoft.com · 2026-05-20 17:48 UTC
Top publishers (this list)
- SC Media (1)
- Microsoft Security Blog (1)
Top origin domains (this list)
- scworld.com (1)
- microsoft.com (1)