TI Mindmap HUB
Threat Intelligence Report

Mini Shai-Hulud Is Back: npm Worm Hits over 160 Packages, including Mistral and Tanstack

📅 May 13, 2026 📰 www.aikido.dev 🔍 0 CVE(s) referenced

A sophisticated npm supply-chain worm dubbed Mini Shai-Hulud has escalated its campaign, compromising over 160 packages—including Mistral and Tanstack—to steal developer and CI/CD credentials and propagate further malware via trusted publishing workflows.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle