A malicious npm dependency slipped into an AI-assisted crypto trading project has exposed how automated coding tools can be manipulated into importing software that steals credentials, wallet data and ...