Sindresohrus asked ChatGPT what the malware does: https://github.com/chalk/chalk/issues/656#issuecomment-3266900029

For anyone trying to find the packages which are affected, here is (apparently) the npm maintainer who got pwned and tells which packages contain bad code https://news.ycombinator.com/item?id=45169794

Source: https://news.kiwistand.com/stories/npm-debug-and-chalk-packages-compromised?index=0x68bf2047c413e4d3973945200f7945a43973b843895610f7ae44305c05008b643ea7bfd0

I did a bunch of checks and from what I can tell, this version of Kiwi News is, for now unaffected of the issues