Security News New ‘IndonesianFoods’ worm floods npm with 100,000 packages BleepingComputer Daniel Bender 13 Nov 2025 A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk.
