News Score: Score the News, Sort the News, Rewrite the Headlines

Mini Shai-Hulud Strikes Again: 317 npm Packages Compromised

May 19, 2026 • 26 min read

TL;DR

The npm account atool ([email protected]) was compromised on May 19, 2026. The attacker published 637 malicious versions across 317 packages in a 22-minute automated burst. Affected packages include size-sensor (4.2M downloads/month), echarts-for-react (3.8M), @antv/scale (2.2M), timeago.js (1.15M), and hundreds of @antv scoped packages. The payload is a 498KB obfuscated Bun script that matches the Mini Shai-Hulud toolkit used in the SAP compromi...

Read more at safedep.io
