Compromised @antv npm Packages Deploy Mini Shai‑Hulud Malware to Steal CI/CD Credentials Across GitHub, AWS, Kubernetes, Vault, npm, and 1Password
What Happened — Threat actors compromised several popular @antv npm packages. The malicious payload, dubbed Mini Shai‑Hulud, executes during npm install on Linux‑based CI/CD runners and harvests credentials for GitHub, AWS, Kubernetes, HashiCorp Vault, npm, and 1Password.
Why It Matters for TPRM —
- Supply‑chain compromise of a widely‑used JavaScript library can expose any downstream organization that automatically trusts npm packages.
- Stolen CI/CD secrets enable attackers to pivot into cloud environments, exfiltrate data, or deploy ransomware.
- Traditional perimeter defenses often miss malicious code that runs only during build pipelines.
Who Is Affected — Software development firms, cloud service providers, DevOps tooling vendors, and any organization that integrates @antv packages into automated build pipelines (spanning finance, healthcare, SaaS, and more).
Recommended Actions —
- Conduct an immediate inventory of all @antv npm dependencies across your codebase.
- Enforce signed package verification (e.g., npm’s
--verify-integrityor third‑party SBOM tools). - Rotate all CI/CD credentials and secrets stored in GitHub Actions, AWS IAM, Kubernetes service accounts, Vault, npm tokens, and 1Password.
- Implement least‑privilege policies for service accounts and enforce short‑lived tokens.
- Deploy runtime monitoring on build agents to detect anomalous credential access.
Technical Notes — The malware is delivered via a trojanized postinstall script in the compromised packages. It leverages standard Node.js APIs to locate credential files and environment variables, then exfiltrates them to attacker‑controlled endpoints. No CVE is directly involved; the attack vector is a third‑party dependency supply‑chain compromise. Source: Microsoft Security Blog