Technology ❯ Cybersecurity ❯ Supply Chain Security ❯ Software Supply Chain Attacks

npm Package Compromise

Phished npm Maintainer’s Packages Used in Crypto-Clipping Attack as Rapid Takedown Limits Damage

The breach began with a fake npm 2FA reset that let attackers push malicious updates to widely used libraries.