New Shai-Hulud malware wave compromises 600 npm packages

Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a ...
GitHub

aiko-chan-ai/discord.js-selfbot-v13

The use of this module under a different name on NPM (or another source besides this Github) is not associated with this library. When using these libraries, you accept the risk of exposing your ...
Cryptopolitan on MSN

Node-IPC supply chain attack targets crypto devs

Attackers hijacked a dormant npm maintainer account and pushed malicious node-ipc versions that steal crypto keys, AWS tokens ...