DEV Community · Tuesday, June 9, 2026

The Leopard's Head

npm · supply-chain · security · malware

On May 19, an attacker logged into a single npm account and, over 22 minutes, published 637 malicious versions across 317 packages. The attack, dubbed Mini Shai-Hulud, used valid credentials and an automated script. The poisoned packages included echarts-for-react (a charting wrapper with high weekly downloads) and several @antv data-visualization libraries. The payload was a 498-kilobyte obfuscated script that searched for AWS keys, Kubernetes service-account tokens, GitHub tokens, npm tokens, SSH keys, and local 1Password and Bitwarden vaults. A project whose package.json declared "echarts-for-react": "^3.0.6" had that caret range resolve to the malicious 3.2.7 on its next clean install. Users did not need to do anything wrong; they only had to have done everything normal.
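The caret behaviour described above, as an added example that is not part of the digest or of the affected projects: it models npm's caret-range rules, shows why "^3.0.6" resolves to 3.2.7 on a lockfile-less install, and audits a dependency map against a list of versions known to be bad. The registry snapshot (3.0.6, 3.1.0) and the audit helper are constructed for illustration; only 3.2.7 is named on the page as malicious.

```javascript
// Added example: npm caret-range resolution and a dependency audit.
// Versions flagged as malicious, taken from the incident write-up above.
const KNOWN_BAD = { 'echarts-for-react': ['3.2.7'] };

// Constructed registry snapshot (3.0.6 and 3.1.0 are placeholders for earlier releases).
const REGISTRY = { 'echarts-for-react': ['3.0.6', '3.1.0', '3.2.7'] };

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v.trim());
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return m.slice(1).map(Number);
}

function compareVersions(a, b) {
  const [x, y] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] - y[i];
  return 0;
}

// npm caret semantics: ^X.Y.Z allows >=X.Y.Z and <(X+1).0.0 when X>0;
// with X=0 the minor is fixed (^0.Y.Z -> <0.(Y+1).0); ^0.0.Z matches only Z.
// A bare version string (no caret) is treated as an exact pin.
function caretSatisfies(range, version) {
  if (!range.startsWith('^')) return range === version;
  const baseStr = range.slice(1);
  const base = parseVersion(baseStr);
  if (compareVersions(version, baseStr) < 0) return false;
  const upper = base[0] > 0 ? [base[0] + 1, 0, 0]
              : base[1] > 0 ? [0, base[1] + 1, 0]
              : [0, 0, base[2] + 1];
  return compareVersions(version, upper.join('.')) < 0;
}

// What a clean install without a lockfile does: take the highest published version in range.
function resolveRange(range, published) {
  const ok = published.filter(v => caretSatisfies(range, v)).sort(compareVersions);
  return ok.length ? ok[ok.length - 1] : null;
}

// Returns one {name, range, resolved} record per dependency that would land on a known-bad version.
function auditDependencies(deps, registry = REGISTRY, knownBad = KNOWN_BAD) {
  return Object.entries(deps).flatMap(([name, range]) => {
    const resolved = resolveRange(range, registry[name] || []);
    const bad = resolved !== null && (knownBad[name] || []).includes(resolved);
    return bad ? [{ name, range, resolved }] : [];
  });
}

// Constructed package.json fragments matching the scenario in the text.
console.log(auditDependencies({ 'echarts-for-react': '^3.0.6' })); // flags 3.2.7
console.log(auditDependencies({ 'echarts-for-react': '3.0.6' }));  // exact pin: nothing flagged
```

A committed lockfile has the same effect as the exact pin here: the install reuses the recorded version instead of re-resolving the range.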

// why it matters

A supply-chain attack using compromised npm credentials can silently poison widely used packages and steal credentials from the developer machines and infrastructure that install them.

Sources

Primary: DEV Community · Mirror: BleepingComputer

