GitHub Worm Hits npm Packages With 16M Downloads

Key Takeaways Mini Shai-Hulud exploited GitHub Actions on May 19, compromising 300+ npm packages across 16M weekly downloads. • The malware installs a …