The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
It’s a regrettable reality that there is never enough time to cover all the interesting scientific stories we come across. So ...