An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...