---
title: "Open Source Package 'Mini Shai-Hulud' Identified as Malware, Affecting Popular Tools"
type: "News"
locale: "en"
url: "https://longbridge.com/en/news/286983499.md"
description: "The open-source package 'Mini Shai-Hulud' has been identified as malware, affecting popular tools like Alibaba's AntV and echarts-for-react, which has 1.1 million weekly downloads. The malware's discovery has led to a zero supply chain security score. The breach was traced back to a compromised developer account, 'atool,' whose permissions were stolen, resulting in widespread infection across numerous code repositories."
datetime: "2026-05-20T00:53:52.000Z"
locales:
  - [zh-CN](https://longbridge.com/zh-CN/news/286983499.md)
  - [en](https://longbridge.com/en/news/286983499.md)
  - [zh-HK](https://longbridge.com/zh-HK/news/286983499.md)
---

# Open Source Package 'Mini Shai-Hulud' Identified as Malware, Affecting Popular Tools

A recent alert from crypto influencer @mubeitech has highlighted a significant security issue involving a foundational open-source package that is downloaded 1.1 million times per week. According to PANews, the package has been flagged as known malware, and its supply chain security score has dropped to zero.

The malware, named 'Mini Shai-Hulud,' has recently caused widespread infection in open-source code repositories. The affected components include heavily used tools such as AntV, Alibaba's data visualization suite, with hundreds of packages reportedly injected with malicious code. Other commonly used front-end tools, such as echarts-for-react and timeago.js, have also been compromised. Notably, echarts-for-react alone is installed 1.1 million times per week.

The breach originated from the compromise of a regular developer account with the username 'atool,' whose permissions were stolen.