Malicious Bun Script Found in NPM Package Bumps

3 points by kothariji 6 hours ago

*`package.json` includes a `preinstall` script running `node setup_bun.js`, along with `setup_bun.js` and `bun_environment.js` files that appear to contain the malware.*