Five malicious versions of AsyncAPI npm packages were distributed through a supply-chain attack designed to steal credentials and provide remote access to compromised systems. Organizations using these packages should immediately audit their npm dependenc
Read the full article: https://www.bleepingcomputer.com/news/security/-asyncapi-npm-packages-infected-with-credential-stealing-malware/