SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
A $292 million exploit and $13 billion TVL drop looks catastrophic on the surface, but the data tells a different story.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results