Node-ipc supply chain attack targets crypto devs

Attackers hijacked a dormant npm maintainer account and pushed malicious node-ipc versions that steal crypto keys, AWS tokens, and exchange API secrets.