Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity Desk: A fast-moving software supply chain attack campaign known as “Mini Shai-Hulud” has compromised multiple widely used npm packages in the @antv ecosystem, raising fresh concerns about the security of open-source software dependencies used in modern development pipelines.

Security researchers report that the attack stems from a compromised maintainer account, allowing threat actors to publish malicious updates to trusted libraries used by millions of developers worldwide.

Widely Used AntV Packages Targeted in npm Attack

Cybersecurity analysts have confirmed that the attack affected multiple packages in the npm ecosystem, particularly those associated with the AntV visualization framework.

Affected packages reportedly include key libraries such as:

  • @antv/g2
  • @antv/g6
  • @antv/x6
  • @antv/l7
  • @antv/s2
  • @antv/f2
  • @antv/graphin
  • @antv/data-set

In addition, several widely used open-source tools outside the AntV namespace, including React and visualization-related libraries, were also exposed to malicious updates.

Researchers estimate that the compromised maintainer account was linked to high-download packages such as echarts-for-react, significantly increasing the potential impact of the breach.

Massive Blast Radius Across Open-Source Ecosystem

Security firm Socket reported that the attacker published hundreds of malicious package versions in a short time span, affecting hundreds of repositories across the ecosystem.

The compromised packages are widely used in:

  • Data visualization tools
  • Charting and graphing libraries
  • Mapping and analytics frameworks
  • React-based UI components

Experts warn that even partial compromise of such libraries can cascade into enterprise systems due to automatic dependency updates in modern development environments.

Credential-Stealing Malware Hidden in Package Updates

The malicious versions reportedly contain embedded code designed to steal sensitive credentials from developer environments.

According to researchers, the payload is capable of extracting:

  • Cloud access keys (AWS, Azure, Google Cloud)
  • GitHub and npm authentication tokens
  • SSH credentials and Kubernetes secrets
  • Database connection strings
  • Payment platform keys and API tokens

The stolen data is then encrypted and exfiltrated to attacker-controlled infrastructure. In some cases, the malware also attempts to reuse stolen tokens to further spread across additional packages.

Self-Replicating Supply Chain Worm Behavior

Security analysts describe the campaign as highly automated and worm-like in nature. Once a maintainer account is compromised, the malware:

  • Injects malicious preinstall scripts into packages
  • Replicates across multiple dependencies
  • Publishes modified versions under trusted identities
  • Uses stolen tokens to propagate further infections

This self-spreading behavior has significantly increased the scale and speed of the attack, making containment more difficult.

Part of Broader “Mini Shai-Hulud” Campaign

The attack is part of an ongoing wave dubbed “Mini Shai-Hulud,” a supply chain malware campaign that has previously targeted multiple open-source ecosystems.

Security researchers note that the same infrastructure and techniques have been observed in earlier incidents, including credential theft and automated propagation across developer repositories.

The campaign is believed to be financially motivated, with attackers aiming to harvest sensitive credentials for resale or further exploitation.

Experts Warn of Expanding Open-Source Security Crisis

Cybersecurity firms warn that the incident highlights growing risks in dependency-driven software development, where trusted packages can be silently weaponized.

Experts emphasize that compromised packages can bypass traditional security checks due to their legitimacy within build pipelines.

Organizations using:

  • CI/CD systems
  • GitHub-based workflows
  • Container registries
  • Cloud-integrated development tools

are considered particularly vulnerable to downstream compromise.

Security Recommendations for Developers

Security professionals are urging immediate action, including:

  • Pinning dependencies to verified versions instead of auto-updating
  • Auditing recent package updates in production systems
  • Monitoring CI/CD pipelines for unusual network activity
  • Rotating exposed API keys and access tokens
  • Restricting automated publishing permissions in npm environments
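
The first two recommendations can be checked mechanically. The following sketch is an added example, not code from the researchers or from the AntV project: it flags unpinned ranges in package.json and, in a package-lock.json, the package names mentioned in this article together with any package that runs install-time scripts. It assumes lockfileVersion 2 or 3, where npm records the hasInstallScript field; the sample input and the package name hypothetical-native-addon are constructed, and a flagged entry is a candidate for review, not a confirmed malicious version.

```javascript
// Added example. Watch-list names come from the article; sample data is constructed.
const WATCHED = [/^@antv\//, /^echarts-for-react$/];

// "Pinned" means an exact version (1.2.3 or 1.2.3-beta.1), not a range such as ^1.2.3.
const isPinned = (spec) => /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/.test(spec);
// package.json: list dependencies whose range lets a fresh install pick up a new release.
function auditManifest(pkgJson) {
  const findings = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(pkgJson[field] || {})) {
      if (!isPinned(spec)) findings.push({ name, spec, field });
    }
  }
  return findings;
}

// package-lock.json: flag watched names and packages npm marks as running install scripts.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    const i = path.lastIndexOf('node_modules/');
    if (i === -1) continue; // root project or workspace folder
    const name = path.slice(i + 'node_modules/'.length);
    const watched = WATCHED.some((re) => re.test(name));
    const installScript = entry.hasInstallScript === true;
    if (watched || installScript) {
      findings.push({ name, version: entry.version, watched, installScript });
    }
  }
  // Watched packages that also run install-time scripts are reviewed first.
  const rank = (f) => (f.watched && f.installScript ? 0 : 1);
  return findings.sort((a, b) => rank(a) - rank(b));
}

// Constructed sample input; the versions are placeholders, not known-bad releases.
const samplePackageJson = {
  dependencies: { '@antv/g2': '^5.0.0', 'echarts-for-react': '3.0.2', 'left-pad': '~1.3.0' },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app' },
    'node_modules/@antv/g2': { version: '5.0.1', hasInstallScript: true },
    'node_modules/echarts-for-react': { version: '3.0.2' },
    'node_modules/hypothetical-native-addon': { version: '1.0.0', hasInstallScript: true },
    'node_modules/lodash': { version: '4.17.21' },
  },
};
console.log(auditManifest(samplePackageJson), auditLockfile(sampleLock));
```

To run it against a real project, pass the parsed contents of package.json and package-lock.json to the two functions. Installing with npm's --ignore-scripts option keeps preinstall hooks from executing while the flagged entries are reviewed.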

Growing Risk to Enterprise Software Supply Chains

The incident underscores how a single compromised maintainer account can trigger widespread downstream exposure across global software ecosystems.

With open-source libraries deeply embedded in enterprise applications, experts warn that supply chain attacks like Mini Shai-Hulud represent one of the most critical cybersecurity risks facing modern software development.
