Malicious code in @demica/core (npm)

Dep-confusion squat of internal @demica/core at sentinel high version 99.99.100 + auto-exec postinstall canary.js beaconing to RAW IP 157.230.17.236:80/dc. Sentinel-high-version + auto-exec beacon = MALICIOUS per operator policy c913; "authorized benign canary" framing does NOT downgrade, raw-IP...