TechCrunch5/19/2026Tech1 min readUnited States

Hackers Compromise Popular Open Source Projects in Cyberattack

cyberattack open source supply-chain attack

Quick Look

Cybersecurity firms StepSecurity and SafeDep warned of a new wave of supply-chain attacks targeting open source projects.
Hackers compromised developer accounts to push malicious updates, stealing credentials and spreading malware.
Alibaba's Antv library was among the affected packages.

AI-generated summary

Why It Matters

Hackers are employing supply-chain attacks to compromise popular open source projects, aiming to plant malicious updates that are then distributed to users. This strategy leverages the trust developers place in these widely used code libraries.

Font size

In an ongoing cyberattack, hackers have compromised several popular open source projects that software developers all over the world rely on.

On Tuesday, cybersecurity firms StepSecurity and SafeDep warned of the latest wave of supply-chain attacks, which aim to compromise developers of popular open source projects and use that access to plant malicious updates that are pushed to users downstream.

According to SafeDep, hackers took over the account of one developer and released over 630 malicious versions across 317 packages in about 20 minutes. The goal of the attack is to steal credentials for various services, including password managers, as a way to steal data and continue spreading the malware.

Among the packages that the hackers compromised is Antv, a library made by Alibaba. In some cases, the hackers published malicious updates on GitHub, according to JFrog Security.

This latest wave of attacks is part of a wider campaign targeting open source projects and the developers who use the code for their own projects. Researchers have dubbed the hacks “Mini Shai-Hulud,” after the attack followed a previous, more expansive hacking campaign.