GitHub Worm Hits npm Packages With 16M Downloads

2026-05-20T07:05 · tech

A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react, and Microsoft’s durabletask SDK. Mini Shai-Hulud Exploits GitHub Actions to Hit 16 Million Weekly Downloads The Mini Shai-Hulud campaign, attributed to the threat group Team PCP, does not work the way most supply chain attacks do […]