Shai Hulud Malware Infects Over 400 NPM Packages Including ENS Libraries

A supply chain attack on the NPM ecosystem has infected more than 400 JavaScript packages, including at least 10 crypto libraries tied to Ethereum Name Service, according to Aikido Security. The malware collects credentials from compromised environments and has spread to over 25,000 repositories. Aikido Security disclosed the breach on Monday after detecting unusual activity across the JavaScript package registry.