[SlowMist Detects High-Risk npm Worm Stealing Crypto Information] According to SlowMist monitoring, an npm worm named 'Mini Shai-Hulud' is spreading through projects like TanStack and UiPath, hijacking GitHub credentials to publish malicious packages and steal CI/CD keys, cloud service keys, and cryptocurrency wallet information. SlowMist recommends affected projects inspect the router_init.js file, rotate exposed credentials, and monitor abnormal activities.