Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.
More info