Mini Shai
Source: Cryptopolitan
Published:
<p>On May 19, the Mini Shai-Hulud worm compromised one npm maintainer account and pushed 639 malicious versions across 323 packages in under 30 minutes.</p> <p>The compromised account, “atool” ( [email protected] ), publishes Alibaba’s entire @antv data visualization stack alongside standalone libra