Software supply chain attack targets open-source developers in npm via malicious packages that steal Ethereum private keys, gain SSH persistence.| Phylum Research | Software Supply Chain Security
