Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
ANTV INC

ANTV INC Vendor Cyber Rating & Cyber Score

airlegant.net

ANTV INC originated in 1980, is a high-tech enterprise in the industry for 40 years, with R&D, Production, Sales and Technical & Support Services. ANTV's Headquarter and Emerging Strategic Center are based in Los Angeles. The R&D Teams and factory are situated in Shenzhen, and the center of Marketing is located in Guangzhou.


ANTV INC A.I CyberSecurity Scoring

ANTV INC
Company Information
Website:https://www.airlegant.net/
Employees number:1
Number of followers:104
NAICS:335
Industry Type:Appliances, Electrical, and Electronics Manufacturing
Homepage:airlegant.net
ANTV INC Risk Score (AI oriented)
Between 700 and 749
logo
ANTV INCAppliances, Electrical, and Electronics Manufacturing
Updated:
21/05/2026
731/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
ANTV INC Global Score (TPRM)
xxxx
logo
ANTV INCAppliances, Electrical, and Electronics Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

ANTV INC
ANTV INCModerate
Current Score
731Ba (MODERATE)
01000
1 incidents
-14 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
732Before Incident
JUNE 2026
732Before Incident
MAY 2026
745Before Incident
Cyber Attack
21 May 2026ANTV INC
@antv and GitHub: Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials

Sophisticated 'Mini Shai-Hulud' Supply Chain Attack Targets @antv npm Ecosystem

731After Incident
CRITICAL-14
ANTGIT1779395279
Sophisticated "Mini Shai-Hulud" Supply Chain Attack Targets @antv npm Ecosystem A newly uncovered supply chain attack, dubbed Mini Shai-Hulud, compromised the @antv npm ecosystem a widely used collection of data visualization libraries with devastating precision. The campaign, discovered by Microsoft security researchers, exploited a maintainer account to publish malicious versions of popular packages, including echarts-for-react, which boasts over one million weekly downloads. The attack spread rapidly, infecting thousands of developer pipelines within hours. The payload, a 499 KB obfuscated JavaScript file, executed automatically during `npm install`, targeting GitHub Actions environments to steal credentials from cloud services like AWS, HashiCorp Vault, Kubernetes, npm, and 1Password. It bypassed standard secret masking by scraping process memory directly from GitHub Actions runners. To evade detection, the malware employed two layers of obfuscation Base64-encoded strings and a custom cipher using PBKDF2 and SHA-256 and exited immediately if not running in a GitHub Actions Linux environment. Data exfiltration occurred via encrypted HTTPS to a command-and-control domain or through GitHub’s Git Data API, creating commits in victim repositories. GitHub responded by removing 640 malicious packages and invalidating over 61,000 npm tokens. The @antv maintainers confirmed the breach has been resolved, though Microsoft advises developers to audit dependency trees, rotate exposed credentials, and check for unexpected public repositories created during the attack window. Indicators of compromise include the malicious payload’s SHA-256 hashes (a68dd1e6a6e35ec3771e1f94fe796f55dfe65a2b94560516ff4ac189390dfa1c and fb5c97557230a27460fdab01fafcfabeaa49590bafd5b6ef30501aa9e0a51142) and the domain t.m-kosche[.]com:443. The attack highlights the growing threat of supply chain compromises in open-source ecosystems.
INCIDENT DETAILS -
TYPE
Supply Chain Attack
MOTIVATION
Credential theft, data exfiltration
IMPACT
Data Compromised: Credentials from AWS, HashiCorp Vault, Kubernetes, npm, and 1PasswordSystems Affected: Developer pipelines, GitHub Actions environmentsOperational Impact: Thousands of developer pipelines infected within hoursBrand Reputation Impact: Potential reputational damage to @antv and affected organizationsIdentity Theft Risk: High (exposed credentials)
DATA BREACH
Type Of Data Compromised: Credentials (AWS, HashiCorp Vault, Kubernetes, npm, 1Password)Sensitivity Of Data: High (cloud service credentials, secrets)Data Exfiltration: Yes (via encrypted HTTPS to C2 domain or GitHub’s Git Data API)Data Encryption: Yes (PBKDF2 and SHA-256 for obfuscation)
APRIL 2026
745Before Incident
MARCH 2026
745Before Incident
FEBRUARY 2026
745Before Incident
JANUARY 2026
745Before Incident
DECEMBER 2025
745Before Incident
NOVEMBER 2025
745Before Incident
OCTOBER 2025
745Before Incident
SEPTEMBER 2025
745Before Incident
AUGUST 2025
745Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for ANTV INC ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in June 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in May 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in April 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in March 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in February 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in January 2026 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in December 2025 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in November 2025 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in October 2025 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in September 2025 ?
?
What was ANTV INC's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on ANTV INC's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with ANTV INC ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view ANTV INC's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?