npm compromise: A widespread JavaScript package supply-chain attack altered popular packages to target crypto wallets; despite broad reach, Arkham Intelligence reports the actor has extracted just $1,043 so far, largely
