NPM debug and chalk packages compromised
Starting at September 8th, 13:16 UTC, our Aikido intel feed alerted us to a series packages being pushed to npm, which appeared to contain malicious code. These were 18 very popular packages, backslash (0.26m downloads per week) chalk-template (3.9m downloads per week) supports-hyperlinks (19.2m downloads per week) has-ansi (12.1m downloads per week) simple-swizzle (26.26m downloads per week) color-string (27.48m downloads per week) error-ex (47.17m downloads per week) color-name (191.71