Information security
fromTheregister
5 hours agoWormable npm attack returns as 25,000 repos spill secrets
A wormable npm malware campaign (Shai-Hulud 2.0) compromised over 25,000 developer secrets by trojanizing packages and publishing stolen credentials to victims' GitHub repositories.