Cyber Signal — Popular @antv npm packages have been compromised with malwar — OpenWatch

Real-time global intelligence

© 2026 OpenWatch. All rights reserved.

For informational and entertainment purposes only. Not investment advice.

Platform

Brief
Signals
Cascade
Trajectories
Wagers
Track Record
Countries
Companies
Industries
Themes
Rankings

Tools

Globe
Analytics
Crises
Clusters
Supply Chain
Alliances
Screener
Watchlist
Portfolio

Developer

Status

Sources

View all sources →

1,000+ tracked sources

Signals updated every 15 minutes

Not investment advice. OpenWatch is provided for informational and entertainment purposes only. While we strive for accuracy, precision, and source attribution in all intelligence assessments, geopolitical analysis involves inherent uncertainty and our conclusions may be incomplete, delayed, or incorrect. Nothing on this platform constitutes financial, investment, legal, or professional advice of any kind. Forward-looking scenarios and probability estimates are analytical hypotheses — not independently validated forecasts. Any actions taken based on information found here are solely your responsibility. Always consult a qualified financial advisor before making investment decisions. Past signal patterns do not guarantee future outcomes.

Methodology
Privacy Policy
Terms of Use

openwatch.io

v·882b234

Cyber Signal — Popular @antv npm packages have been compromised with malwar — OpenWatch

← Back to search

Cybercrisis🇺🇸United States 🇨🇳China 🇷🇺Russia 🇮🇷IranMay 20, 2026

Popular @antv npm packages have been compromised with malware that steals CI/CD secrets from developers' systems. The 'Mini Shai-Hulud' payload executes during npm install and exfiltrates credentials for GitHub, AWS, Kubernetes, Vault, npm, and 1Password from Linux automation environments.

Severity: 6.5/10Source: Microsoft Security Blog

Read full report ↗Related signals →