#mini-shai-hulud

[ follow ]
#software-supply-chain-attacks #npm-package-compromise #credential-stealing #data-visualization-libraries
Information security
fromThe Hacker News
5 hours ago

Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

A compromised npm maintainer account pushed trojanized @antv and related packages, embedding credential-stealing code and creating significant downstream exposure for auto-updating dependencies.
[ Load more ]