npm debug and chalk packages compromised (Aikido)
The Aikido blog (https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised) describes
an apparently ongoing series of phishing attacks against NPM package
maintainers, resulting in the uploading of compromised versions of heavily
used packages:
All together, these packages have more than 2 billion downloads per
week.
The packages were updated to contain a piece of code that would be
executed on the client of a website, which silently intercepts
crypto and web3 activity in the browser, manipulates wallet
interactions, and rewrites payment destinations so that funds and
approvals are redirected to attacker-controlled accounts without
any obvious signs to the user.