Socket Security flagged a campaign yesterday: roughly 700 GitHub repositories carrying a poisoned package.json that drops /tmp/.sshd, pipes curl -skL … to a shell, and — the cute bit — injects a fake "Dependency Cache Sync" step into the project's GitHub Actions workflow so the payload re-runs on every CI build.
Top hits include devdojo/wave and devdojo/genesis. The bad actor is parikhpreyash4; the bait repo is systemd-network-helper-aa5c751f.
I checked my own machines this morning. Clean. But that's not the interesting bit — the interesting bit is that the same scanner that audits AI agent memory also catches this class of attack before npm install ever runs.
The one-liner
npm install -g shieldcortex
