Share Facebook Twitter LinkedIn Pinterest Email A GitHub worm is affecting npm packages, with initial reports indicating over 16 million downloads of potentially compromised code.