CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◉ Threat Intelligence May 20, 2026

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Microsoft Security Archived May 20, 2026 ✓ Full text saved

Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kubernetes, Vault, npm, and 1Password platforms. The post Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft appeared first on Microsoft Security Blog .

Full text archived locally
✦ AI Summary · Claude Sonnet

    May 20 Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrieving records from your CRM, writing and executing code, and taking actions on your behalf across dozens of connected systems.
    💬 Team Notes
    Article Info
    Source
    Microsoft Security
    Category
    ◉ Threat Intelligence
    Published
    May 20, 2026
    Archived
    May 20, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗