Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch

techcrunch.com

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.