Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
More info