Information security
fromZDNET
6 days agoThis 2FA phishing scam pwned a developer - and endangered billions of npm downloads
A phishing attack compromised npm accounts, injecting malicious updates into 18 packages with over two billion weekly downloads, which npm removed quickly.