@parity/product-sdk-signer flagged credential stealer (npm) — Cremit · NHI Credential Stealer Index