Technology ❯ Cybersecurity ❯ Supply Chain Security ❯ Software Vulnerabilities

NPM Package Compromise

Phished npm Maintainer’s Packages Used in Crypto-Clipping Attack as Rapid Takedown Limits Damage

The breach began with a fake npm 2FA reset that let attackers push malicious updates to widely used libraries.