1 link tagged with all of: npm + incident-response + attack + supply-chain + security
Links
This article details a significant npm supply chain attack that compromised an engineer's credentials, allowing unauthorized access to multiple repositories. The attacker cloned 669 repositories and closed numerous pull requests before being detected and removed from the GitHub organization. Thankfully, published packages remained secure throughout the incident.