Ongoing NPM supply chain attack uses binding.gyp to spread like a worm | Dark Hacker News