AsyncAPI npm supply-chain compromise spreads malware through trusted packages
Attackers compromised the AsyncAPI npm organization and injected malicious code into multiple widely used packages, including generator and specs packages with more than two millio

