May 20, 2026

SlowMist: Analysis Flags High-Volume Package Tampering, Token Theft, And Repository Breaches Across Open-Source Ecosystems

In Brief

Blockchain security firm SlowMist reports a coordinated “Mini Shai-Hulud” supply chain attack targeting npm and Python packages, exposing credentials, GitHub tokens, and infrastructure secrets across multiple ecosystems.


According to a report released by blockchain security firm SlowMist on the social media platform X, a series of supply chain compromises affecting widely used software packages has been identified, with indications of a coordinated intrusion campaign referred to as “Mini Shai-Hulud.” The analysis suggests that several high-traffic npm libraries, including AntV and Echarts-for-react, alongside the Python-based durabletask SDK, were impacted by malicious releases distributed through compromised publishing credentials.

One incident described in the report occurred on 19 May 2026, when an npm account associated with the email [email protected] was allegedly compromised. This access reportedly enabled threat actors to publish a large number of tampered package versions, with 637 malicious releases pushed across 317 separate packages within a 22-minute window. The activity was characterized as an automated and high-speed deployment consistent with supply chain manipulation tactics.

Escalation Of Multi-Platform Supply Chain Intrusions And Credential Abuse Patterns

A second event was reported on 20 May 2026, Beijing time, involving the Python package durabletask. Multiple altered versions, including 1.4.1, 1.4.2, and 1.4.3, were reportedly released within a short span of approximately 35 minutes. According to the analysis, these updates bypassed standard release controls and appeared to imitate legitimate Microsoft software distribution channels, raising concerns about impersonation within trusted developer ecosystems.

The report further links these incidents to broader security compromises, including alleged GitHub token exposure events and a targeted attack against Grafana Labs. In the case of the GitHub-related incident, compromised credentials were reportedly obtained from an infected employee device, with indications that a malicious VS Code extension may have been involved. These credentials were allegedly used to access and potentially exfiltrate private repositories. Separately, Grafana Labs was reported to have experienced unauthorized repository access on 16 May 2026, followed by data exfiltration and a ransom demand.

The affected scope is described as extensive, spanning npm and Python ecosystems, developer authentication material, and internal infrastructure secrets. Reported targets include cloud access keys, GitHub personal access tokens, npm and PyPI credentials, Kubernetes secrets, Vault tokens, SSH keys, and other sensitive configuration files commonly present in development environments. Internal GitHub repositories and enterprise codebases were also identified as potential exposure points.

According to the threat analysis, the suspected attacker activity includes rapid credential theft following package installation, unauthorized access to internal systems, lateral movement across development and CI/CD infrastructure, and the resale or exploitation of leaked authentication tokens. Additional risks include supply chain propagation into dependent software projects and potential extortion attempts involving stolen data.

Recommended defensive measures outlined in the report include immediate rotation of exposed credentials across cloud and development platforms, verification and replacement of affected package versions, and isolation of potentially compromised systems for forensic review. Developers are also advised to inspect dependency lockfiles, monitor CI/CD logs for abnormal installations, and audit authentication events for signs of token misuse.
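As an illustration of the lockfile inspection step, the following added example (not code from SlowMist's report) scans a pip requirements-style pin file for the durabletask versions named above. The function names and the sample file are constructed for this example, and a range or wildcard is flagged as well because the resolver may have selected a listed version.

```python
import re

# Altered durabletask releases named in the article; extend as advisories update.
AFFECTED = {"durabletask": {"1.4.1", "1.4.2", "1.4.3"}}

# name, optional [extras], then the version spec up to a marker, comment or "\".
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#\\]*)")

def normalize(name):
    """PEP 503 normalization so case and -/_/. variants compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_requirements(text, affected=AFFECTED):
    """Return (line_no, package, spec, status) for each line naming a watched package.

    status: 'affected'   exact pin to a listed version
            'unpinned'   no exact == pin, so the installed version must be checked
            'not-listed' exact pin to a version that is not on the list
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith(("#", "-")):
            continue  # comments, pip options, --hash continuation lines
        m = _REQ.match(line)
        if not m or normalize(m.group(1)) not in affected:
            continue
        name, spec = normalize(m.group(1)), m.group(2).strip()
        pin = re.fullmatch(r"==\s*([^\s,*=]+)", spec)
        if pin is None:
            status = "unpinned"
        elif pin.group(1) in affected[name]:
            status = "affected"
        else:
            status = "not-listed"
        findings.append((line_no, name, spec, status))
    return findings

# Constructed sample pin file (not taken from any real project).
SAMPLE = """\
# constructed sample lockfile
requests==2.32.3
Durabletask==1.4.2 \\
    --hash=sha256:<placeholder>
durabletask-extras==1.4.2
durabletask>=1.4 ; python_version >= "3.9"
"""

if __name__ == "__main__":
    for finding in scan_requirements(SAMPLE):
        print(finding)
```

A finding of `affected` or `unpinned` is a reason to check what was actually installed on build hosts and developer machines, not only what the file declares.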

The guidance further emphasizes enhanced monitoring of credential usage, stricter validation of third-party dependencies, and proactive threat intelligence tracking for leaked secrets or related indicators of compromise. Security teams are additionally encouraged to monitor underground marketplaces for potential distribution of stolen credentials. The firm noted that it continues to track the situation and distribute updated intelligence to affected clients as the investigation develops.


About The Author

Alisa, a dedicated journalist at the MPost, specializes in crypto, AI, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.

Alisa Davidson