Security News

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

TheHackerNews
Daniel Bender
Jun 4, 2025

Malicious packages on npm, PyPI, and Ruby exfiltrate wallets, delete projects, and exploit AI tools—threatening developers and CI/CD pipelines.