Summary

The article reports on a new supply chain attack named 'Shai-Hulud' that has infected 640 NPM packages. This self-replicating worm poses a severe threat as it can erase home directory contents if it fails to propagate to additional repositories.