The latest Mini Shai-Hulud wave, compromising over 320 NPM packages including high-traffic libraries like timeago.js and echarts-for-react, reveals more than isolated maintainer negligence. Attackers weaponized the @antv namespace to inject install-time payloads that extract CI/CD secrets from GitHub runners, harvest credentials across 130+ paths including cloud providers and Kubernetes, and enable self-propagation through republishing logic. This iteration adds Python remote execution and Claude Code persistence, moving beyond credential theft into sustained access. Original coverage underplays downstream effects on data visualization tools routinely embedded in defense dashboards and industrial monitoring systems. Patterns echo SolarWinds and XZ Utils, where initial compromise cascades into espionage-scale reach. Microsoft and StepSecurity data confirm GitHub as both vector and exfil channel, with over 2,200 repositories already holding stolen artifacts. Systemic fragility stems from the absence of automated provenance checks and SBOM enforcement in most CI pipelines, allowing TeamPCP-linked operators to scale across ecosystems at unprecedented speed.