A new supply chain attack targets AI agents via compromised npm packages. Seventy-three packages have been found to contain a credential-stealing malware that runs immediately upon installation, posing a significant risk to developers and their projects. This incident highlights a growing threat vector that could compromise sensitive information and project integrity.
Opening Kapyn…