How to Triage npm Malware Incidents | Free npm SBOM Tool for Fast Response

A new, active npm supply-chain campaign—an evolved Shai-Hulud worm variant—is compromising high-profile npm packages, executing during pre-install to steal developer secrets (with over 25,000 developers reportedly affected and ~16,000 repositories exposing stolen credentials) and in some cases wiping victims' home directories; the report provides triage playbooks, a safe SBOM generation tool, detection guidance, and mitigation steps for rapid incident response.