Technology ❯ Software Development ❯ Open Source Software ❯ Security
The breach began with a fake npm 2FA reset that let attackers push malicious updates to widely used libraries.
