
A compromised npm account associated with the timeago.js library had rights to publish a large catalog of packages, including widely used tools. The attacker published at least 637 malicious versions across 317 npm packages within a 22-minute burst. This activity compromised a significant portion of Alibaba’s AntV namespace, a platform used to build dashboards, user interfaces, and interactive applications across multiple regions. The incident reflects a growing npm supply-chain threat pattern, with successive waves becoming faster and broader. Victims who installed infected packages faced the Mini-Shai-Hulud worm, whose source code was briefly released to other criminals on GitHub.
"'Each wave has been faster and broader than the last.' Anyone unlucky enough to be infected by one of the malicious packages will find themselves on the receiving end of the potent Mini-Shai-Hulud worm, the source code for which was recently briefly released to other criminals on GitHub."
#npm-supply-chain-attacks #malicious-package-publishing #antv-namespace-compromise #mini-shai-hulud-worm #javascript-ecosystem-security
Read at InfoWorld