Malicious npm package: 'ripshakti' v80.0.0 (CRITICAL) runs a preinstall script to steal AWS IAM credentials & env secrets, exfiltrating to attacker. Remove, revoke exposed creds, and monitor logs. Details: https://radar.offseq.com/threat/mal-2026-6701-malicious-code-in-ripshakti-npm-d7699e4f981c4772 #OffSeq #npm #CloudSec #SupplyChain
