Hijacked npm Packages Target API Keys Through Sophisticated Supply Chain Attack

Multiple cryptocurrency-related npm packages, active for over 9 years, were compromised to steal sensitive data through malicious obfuscated scripts. The attack, likely executed through compromised maintainer accounts, highlights critical security vulnerabilities in open-source software maintenance.