The security incidents at GitHub and Grafana are likely related to a large-scale "mini sandworm" supply chain attack

By: rootdata|2026/05/20 20:45:06
0
Share
copy

According to the threat intelligence released by Slow Fog, several high-frequency npm packages including AntV and Echarts-for-react, as well as the Python SDK durabletask, have recently been targeted by the Mini Shai-Hulud "mini sandworm" supply chain attack. The npm account atool was compromised, and the attacker automatically published 637 malicious versions within 22 minutes, affecting 317 packages. The attacker continuously uploaded durabletask versions 1.4.1, 1.4.2, and 1.4.3 within 35 minutes, bypassing normal release controls and impersonating an official Microsoft release.

The large-scale leak of GitHub tokens and the ransomware attack on Grafana Labs are likely related to this supply chain attack. Affected components include high-frequency components such as AntV and Echarts-for-react in the npm ecosystem, as well as Python packages durabletask 1.4.1, 1.4.2, and 1.4.3. Attackers can steal cloud and local credentials, gain unauthorized access to internal repositories and sensitive cloud infrastructure, move laterally to developer machines and CI/CD pipelines, sell and exploit leaked GitHub tokens, and implement extortion and data leak threats.

Slow Fog recommends immediately rotating all exposed credentials, replacing affected packages, isolating potentially infected systems, and implementing strict dependency review policies. Previously, it was reported that the "mini sandworm" worm has recently completed widespread infection in open-source code repositories, and developers should be vigilant in checking for issues.

You may also like

How to choose between buying discounted ETH, Bitmine, and SharpLink?

The answer may not lie in whose story is told better, but in specific dimensions such as cost of holding, financing ability, liquidity, and whether the narrative can be realized.

Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip

Abandoning TSMC and teaming up with Samsung. Anthropic launches a self-developed 2nm chip program, challenging Nvidia and starting a battle to break through computing power costs.

A South Korean company that learned the strategy of hoarding coins, from a bull market to delisting?

When the overall momentum of the Korean stock market is strong, this batch of cryptocurrency concept stocks, branded as the "Korean version of Strategy," finds itself at a crossroads of life and death.

Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed

Zhao Changpeng's billion-dollar new "family office" YZi Labs investment landscape revealed: 70% of the funds are committed to the crypto ecosystem, while 30% are cross-industry bets on AI and biotechnology, launching a new capital experiment in the post-Binance era.

Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions

The Ethereum Foundation has released this non-technical introductory report aimed at government officials, central banks, regulators, and corporate decision-makers, explaining how Ethereum works, how it is governed, how it differs from other blockchains, and how institutions and governments are alre...

A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI

True failure often isn't a single price drop, but rather a pricing mechanism that repeatedly rewards those who tell stories while repeatedly punishing those who believe in the stories.

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com