822K Downloads at Risk: Malicious node-ipc Versions Spotted Stealing AWS and Private Keys

Slowmist confirmed three malicious node-ipc npm versions on May 14, 2026, stealing AWS keys, SSH secrets, and .env files via DNS tunneling.

Raccontata dathehackernews.comnews.bitcoin.combleepingcomputer.com