This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
Socket
socket.dev
did:plc:n6f3j47vjucu5ijwdmow7n2w
🚨 BREAKING: Socket is investigating an active npm supply chain attack compromising hundreds of packages in the @​antv ecosystem.
The malicious publish wave appears tied to Mini Shai-Hulud and packages connected to the npm maintainer account atool.
2026-05-19T02:59:01.069Z