Mini ShaiHulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account

Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the antv ecosystem as part of the ongoing Mini ShaiHulud attack wave The attack affects packages tied to the npm maintainer account atool including echartsforreact a widely used React wrapper for Apache ECharts with roughly 11 million weekly