:

600+ MALICIOUS NPM PACKAGES FOUND IN SHAI-HULUD CAMPAIGN

AI DESK2 MIN READ
WED, MAY 20, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Threat actors published over 600 malicious packages to npm in a coordinated supply chain attack. The majority targeted the @antv ecosystem, a popular visualization library.

More than 600 malicious packages were discovered on npm as part of the Shai-Hulud campaign, marking a significant supply chain attack against JavaScript developers. The majority of malicious versions were published to packages within the @antv ecosystem, a widely-used data visualization toolkit. The attack demonstrates the ongoing vulnerability of open-source package repositories to coordinated threats. Supply chain attacks targeting npm have grown more frequent as attackers seek to compromise applications at scale. By injecting malicious code into popular packages, threat actors can potentially reach thousands of developers and end-users relying on those dependencies. The @antv ecosystem includes packages used for charting, geospatial visualization, and data analytics across numerous projects. The widespread nature of this ecosystem means the attack could have affected a substantial portion of JavaScript projects using these libraries. Developers using packages from the @antv ecosystem should immediately review their dependencies and verify package versions. npm has been notified of the malicious packages, and removal efforts are underway. Package managers and developers are advised to audit their dependency trees and consider implementing additional security measures. This incident underscores the importance of monitoring package repository activity and maintaining strict version control practices. Organizations should implement software composition analysis tools to detect suspicious package behavior and maintain updated security policies for third-party dependencies. The Shai-Hulud campaign represents a sophisticated attempt to compromise the JavaScript ecosystem at scale, highlighting the critical need for improved security practices across open-source package distribution platforms.

■ SOURCES

Techmeme

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Fraudsters are creating convincing counterfeit news articles impersonating major publishers like the Guardian to direct social media users to bogus investment sites. The fake stories feature fabricated celebrity endorsements and financial narratives designed to establish credibility.

3H AGOIndustry Desk

A security analysis reveals xAI's Grok Build command-line tool transmits complete source code and project files to xAI's servers. The discovery raises data privacy questions for developers using the tool.

9H AGOAI Desk

A Cambridge study reveals that terrorist organizations including Boko Haram and ISIS are using ChatGPT, Claude, and Gemini to plan attacks and develop weapons. Safety filters designed to prevent such misuse have repeatedly failed.

20H AGOAI Desk

The Australian Cyber Security Centre has issued an alert about coordinated exploitation of vulnerable content management systems and plugins worldwide. The campaign targets organizations using outdated or unpatched CMS software.

22H AGOAI Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.