Information security
fromTheregister
2 months agoSelf-propagating worm fuels latest npm supply chain attack
A self-propagating worm is compromising hundreds of npm packages to steal credentials and abuse victims' GitHub/npm tokens to spread further.