Threat Intelligence Report

Reverse Shai-Hulud: Supply chain compromise impacts @antv packages

📅 May 24, 2026 📰 www.threatlocker.com 🔍 0 CVE(s) referenced

A rapidly spreading supply chain attack leveraging the Mini Shai-Hulud worm has compromised hundreds of @antv npm packages, enabling widespread theft and exfiltration of developer secrets from thousands of downstream users by abusing trusted update channels and advanced persistence.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle