Security News Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account TheHackerNews Daniel Bender 19 May 2026 Share Mini Shai-Hulud hits @antv and echarts-for-react via npm maintainer compromise, exposing 1.1M weekly downloads to credential theft.
