Once again, if you are using npm, you may be compromised
>Threat actors have slipped malicious code into hundreds of NPM packages — including major ones from Zapier, ENS, AsyncAPI, PostHog, Browserbase, and Postman.
https://www.aikido.dev/blog/shai-hulud-strikes-again-hitting-zapier-ensdomains