🧯 The Staff Safety Desk Archive

Today on the desk: a self-propagating npm/PyPI worm that shipped malware with valid SLSA provenance, fresh CVEs in urlli…