A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results