Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
Source: Theregister
Published:
<p>Popular JavaScript modules including size-sensor and echarts-for-react hit as hijacked account closed GitHub warnings</p> <p>An npm account compromise infected 314 npm packages with malware, including size-sensor, echarts-for-react, timeago.js, and packages scoped to @antv, in a 22-minute burst o