Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials
Source: Cybersecuritynews
Published:
<p>A new and sophisticated supply chain attack has been uncovered, targeting one of the most trusted corners of the open-source software world. Dubbed “Mini Shai-Hulud,” this campaign went after the @antv npm package ecosystem, a collection of widely used data visualization libraries powering dashbo