NPM Packages

Mini Shai-Hulud Poisons Hundreds of AntV npm Packages in One-Hour Burst

Stolen maintainer credentials let the worm ship install-time stealers that raid developer and CI secrets.