🚨 Malicious update to @ctrl/tinycolor on npm is part of an active supply chain attack hitting 40+ packages across multiple maintainers. Audit & remove affected versions.

Our analysis of the malware: https://socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages

#NodeJS#JavaScript