Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
Source: Blogs.Microsoft
Published:
<p>Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kubernetes, Vault, npm, and 1Password platforms.</p>