PANews|May 20, 2026 05:10
[SlowMist: GitHub and Grafana Security Incidents Likely Linked to Large-Scale 'Mini Shai-Hulud' Supply Chain Attack]
According to threat intelligence released by SlowMist, several high-frequency npm packages, including AntV and Echarts-for-react, as well as the Python SDK durabletask, have recently been targeted by the Mini Shai-Hulud 'mini sandworm' supply chain attack. On May 19, the npm account atool was compromised, and attackers automatically published 637 malicious versions involving 317 packages within 22 minutes. Between 00:19 and 00:54 Beijing time on May 20, attackers uploaded versions 1.4.1, 1.4.2, and 1.4.3 of durabletask within 35 minutes, bypassing normal release controls and impersonating an official Microsoft release. The large-scale GitHub token leak and the ransomware attack on Grafana Labs are likely related to this supply chain attack.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink