Malicious Postinstall Hook Found in 700 GitHub Repos, Including Node Projects

Security researchers discovered a malicious postinstall hook embedded in over 700 GitHub repositories, including legitimate Node.js projects. The script exfiltrates sensitive data such as system environment variables and API keys to an external server, posing a significant supply chain risk to developers who clone or install these packages.