Socket (@SocketSecurity) “🚨 BREAKING: Socket is investigating an active npm supply chain attack compromis”

Socket

@SocketSecurity

Socket is the #1# software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS. 👀 @npm_malware

加入 November 2021

4.6K 正在关注 17.1K 粉丝

Socket@SocketSecurity

2026.05.19 02:51

🚨 BREAKING: Socket is investigating an active npm supply chain attack compromising hundreds of packages in the @antv ecosystem. The malicious publish wave appears tied to Mini Shai-Hulud and packages connected to the npm maintainer account atool.

显示更多

990

236

转发到社区

热门用户

898.2K 粉丝

1.1M 粉丝

26M 粉丝

45.1M 粉丝

46.7M 粉丝

858.8K 粉丝

13.7M 粉丝

6.3M 粉丝

2.7M 粉丝

1.2M 粉丝

731.1K 粉丝

12.6M 粉丝

3.5M 粉丝

3M 粉丝

427.9K 粉丝

Socket (@SocketSecurity) “🚨 BREAKING: Socket is investigating an active npm supply chain attack compromis” — TopicDigg