A researcher warned that more than 400 NPM libraries, including at least 10 crypto packages mostly tied to ENS, were compromised by Shai Hulud malware.