GitHub Aims to Improve npm Security After Malware Campaigns
GitHub said the changes will help "fortify the security of the software supply chain" after a recent surge of attacks targeting the npm ecosystem.
The affected packages include Chalk and Debug, and one of the contributors to those packages said the compromise was the result of him clicking on a phishing email related to setting up 2FA on his account.