TechThe Register3h ago
Another npm supply chain worm is tearing through dev environments
Plus, the payload references 'TeamPCP/LiteLLM method' Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as it moves through developers' environments, and it shares significant overlap with the open source…
Read full articleSource: The Register · Opens in new tab