Cyber: Essential Guide: Mini Shai-hulud Hits Hundreds Of Npm Packages In Antv Ecosystem

The Mini Shai-Hulud worm has resurfaced in one of its largest single-registry waves to date, hitting hundreds of npm packages tied to the AntV data visualization ecosystem in a coordinated burst lasting around an hour. According to new analysis by Socket's Threat Research Team, the attack began around 01:56 UTC on May 19 and pushed 639 malicious versions across 323 unique packages before stopping roughly an hour later.

Microsoft, which has previously published Defender protection guidance for the broader Mini Shai-Hulud campaign, has also provided updates from its own investigation into the new supply chain attack via X on Tuesday, May 19.

Several affected packages are high-download npm dependencies, including echarts-for-react, size-sensor, @antv/scale, and timeago.js, among others. The compromised npm maintainer account, "atool," held publish rights to more than 500 packages.

Each malicious version added a preinstall hook to package.json that executes a 498 KB obfuscated Bun bundle, harvesting cloud credentials, CI/CD tokens, SSH keys, Kubernetes service account tokens and local password manager vaults. The payload exfiltrated stolen data through public GitHub repositories created using stolen tokens, named after Dune universe terminology with descriptions containing a reversed marker reading "Shai-Hulud: Here We Go Again."

Avital Harel, security research lead at Upwind, said the operation appeared mature and defender-aware, with attackers anticipating the tools used to detect and analyze malware. "The campaign was not only built to spread, but also to slow down analysis," she explained.

Read more on this campaign: Mini Shai-Hulud Hits TanStack npm Packages

Socket described the tradecraft as consistent with a "high-volume npm compromise pattern involving coordinated malicious publishes."

Source: InfoSecurity Magazine