Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
Blog post from Snyk
A significant supply chain attack has targeted the @antv data visualization ecosystem via the npm registry, attributed to the threat group TeamPCP and identified as part of the Mini Shai-Hulud campaign. On May 19, 2026, the group released over 300 malicious package versions across 323 packages, affecting approximately 16 million weekly downloads, through a compromised npm maintainer account. The malware embedded in these packages is designed to harvest developer secrets and cloud credentials, establish persistent command and control access, and propagate further using stolen npm tokens. The attack involved sophisticated techniques, including the use of GitHub Actions OIDC tokens to create valid cryptographic attestations, and a worm-like propagation mechanism. The incident has significant implications for developers and CI/CD environments, given the potential for widespread credential theft and persistent threats beyond the initial infection. Immediate remediation steps include removing persistence mechanisms, rotating credentials, and downgrading to pre-attack package versions. Snyk has provided advisories and resources to assist organizations in identifying and mitigating exposure.
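As an added triage example (not code from Snyk or the original post), the following checks a `package-lock.json` for `@antv` versions published on or after the May 19, 2026 attack date and proposes the most recent pre-attack version as a downgrade target. The package names, versions and timestamps are constructed, and treating the publish date as the review cutoff is an assumption; confirm affected versions against the vendor advisories.

```javascript
// Attack date from the article; versions published before it are treated as pre-attack.
const ATTACK_DATE = new Date("2026-05-19T00:00:00Z");

// Constructed sample lockfile (lockfileVersion 3 layout); package names are hypothetical.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app" },
    "node_modules/@antv/example-a": { version: "2.0.1" },
    "node_modules/@antv/example-b": { version: "1.4.0" },
    "node_modules/foo/node_modules/@antv/example-a": { version: "1.9.0" },
    "node_modules/left-pad": { version: "1.3.0" },
  },
};

// Constructed publish times, shaped like the `time` object in npm registry metadata.
const sampleTimes = {
  "@antv/example-a": {
    created: "2024-01-01T00:00:00Z", modified: "2026-05-19T02:14:00Z",
    "1.9.0": "2026-03-02T10:00:00Z", "2.0.0": "2026-04-11T08:30:00Z",
    "2.0.1": "2026-05-19T02:14:00Z",
  },
  "@antv/example-b": { "1.4.0": "2025-12-01T09:00:00Z" },
};

function auditAntvLock(lock, publishTimes, cutoff = ATTACK_DATE) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Nested installs look like node_modules/x/node_modules/@antv/y; keep the last name.
    const name = path.split("node_modules/").pop();
    if (!name.startsWith("@antv/") || !entry.version) continue;
    const times = publishTimes[name] || {};
    const published = times[entry.version];
    if (!published) { // no metadata: cannot prove the version predates the attack
      findings.push({ path, name, version: entry.version, status: "unknown" });
      continue;
    }
    if (new Date(published) < cutoff) continue; // pre-attack version, nothing to do
    // Most recently published version that predates the cutoff, if any.
    const downgradeTo = Object.entries(times)
      .filter(([v, t]) => v !== "created" && v !== "modified" && new Date(t) < cutoff)
      .sort((a, b) => new Date(a[1]) - new Date(b[1]))
      .map(([v]) => v).pop() || null;
    findings.push({ path, name, version: entry.version, status: "review", published, downgradeTo });
  }
  return findings;
}

console.log(JSON.stringify(auditAntvLock(sampleLock, sampleTimes), null, 2));
```

A lockfile entry with no publish metadata is reported as `unknown` rather than passed, since it cannot be shown to predate the attack.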