Active Supply Chain Attack Compromises @antv Packages on npm

Active npm supply chain attack compromises @antv packages in a fast-moving malicious publish wave tied to Mini Shai-Hulud.

Socket Research Team

May 19, 2026


Socket’s Threat Research team is investigating an active npm supply chain attack involving compromised packages in the @antv ecosystem.

The attack affects packages tied to the npm maintainer account atool, including echarts-for-react, a widely used React wrapper for Apache ECharts with roughly 1.1 million weekly downloads. Socket quickly detected the malicious publish wave and classified the affected versions as known malware.

Socket’s internal review identified hundreds of unique packages. The pattern matches Mini Shai-Hulud, a high-volume npm compromise pattern involving coordinated malicious publishes across packages tied to a compromised maintainer account.

The affected package set includes widely used @antv packages such as @antv/g2, @antv/g6, @antv/x6, @antv/l7, @antv/s2, @antv/f2, @antv/g, @antv/g2plot, @antv/graphin, and @antv/data-set, along with related packages outside the @antv namespace, including echarts-for-react, timeago.js, size-sensor, canvas-nest.js, and others.

The potential blast radius is significant because the affected publishing account is connected to widely used packages across data visualization, graphing, mapping, charting, and React component ecosystems. Even if only a subset of those packages received malicious updates, the popularity of the package ecosystem creates meaningful downstream exposure for organizations that automatically pull new dependency versions.

That scale makes this one of the larger npm supply chain incidents Socket has investigated recently.

This is a developing story. Socket is continuing to investigate the full scope of the compromise and will update this post as additional affected packages, versions, and payload details are confirmed.

Developers and security teams should immediately review recent installs and lockfiles for packages in the @antv ecosystem and packages published by atool.
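One way to do that lockfile review, as an added example that is not part of the Socket post: a small Node script that walks a package-lock.json (both the v2/v3 "packages" layout and the v1 nested "dependencies" layout) and reports every entry in the @antv scope or named in the advisory. The package names come from the post; the sample lockfile and its version numbers are constructed for the demo and are not the compromised versions.

```javascript
// Added example, not Socket's tooling: flag advisory-listed packages in an npm lockfile.
// Package names are taken from the advisory; scopes are matched by prefix.
const ADVISORY_PACKAGES = new Set([
  "echarts-for-react", "timeago.js", "size-sensor", "canvas-nest.js",
]);
const ADVISORY_SCOPES = ["@antv/"];

function isSuspect(name) {
  return ADVISORY_PACKAGES.has(name) || ADVISORY_SCOPES.some((s) => name.startsWith(s));
}

// Walks both lockfile layouts and returns [{ name, version, path }] for each hit.
// v2/v3: lock.packages keyed by install path ("node_modules/a/node_modules/b").
// v1:    lock.dependencies, a nested object tree keyed by package name.
function findSuspectPackages(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // root project entry, not a dependency
      const marker = "node_modules/";
      const name = path.slice(path.lastIndexOf(marker) + marker.length);
      if (isSuspect(name)) hits.push({ name, version: meta.version, path });
    }
  } else if (lock.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const path = `${prefix}node_modules/${name}`;
        if (isSuspect(name)) hits.push({ name, version: meta.version, path });
        if (meta.dependencies) walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, "");
  }
  return hits;
}

// Constructed v3-style lockfile for demonstration; versions are placeholders.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/react": { version: "18.2.0" },
    "node_modules/echarts-for-react": { version: "0.0.0-placeholder" },
    "node_modules/@antv/g2": { version: "0.0.0-placeholder" },
    "node_modules/@antv/g2/node_modules/@antv/util": { version: "0.0.0-placeholder" },
    "node_modules/lodash": { version: "4.17.21" },
  },
};

console.log(findSuspectPackages(SAMPLE_LOCK));
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and compare any hits against the versions Socket confirms as malicious.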
