Dossier
echarts-for-react
Coverage of echarts-for-react in the Nexus archive.
- Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers discovered a software supply chain attack campaign compromising npm packages associated with the @antv ecosystem, affecting packages tied to the npm maintainer account atool, including echarts-for-react. The attack is part of the ongoing Mini Shai-Hulud attack wave, impacting roughly 1.1 million weekly users. This campaign compromises various npm packages.