FYI: https://www.theregister.com/2025/09/16/npm_under_attack_again/
Self-propagating worm fuels latest npm supply chain compromise Intrusions bear the same hallmarks as recent Nx mess -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/sage-devel/CAGUWgD9KJYMKqTj63Ypri2zkRUWcewU94t%3DX%2B3thFBaO_KXFrw%40mail.gmail.com.
