Crims poison 150K+ npm packages with token-farming malwareAmazon spilled the TEA Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding incidents in open source registry… November 14, 2025
