Information securityfromTheregister2 weeks agoSelf-propagating worm fuels latest npm supply chain attackA self-propagating worm is compromising hundreds of npm packages to steal credentials and abuse victims' GitHub/npm tokens to spread further.