[SECURITY]■ STORY TIMELINE
NPM SUPPLY CHAIN ATTACK STEALS TOKENS, SELF-SPREADS
A new npm supply chain attack is harvesting developer authentication credentials and automatically spreading through packages published from compromised accounts. The attack demonstrates a concerning escalation in threats targeting the Node.js ecosystem.
Bleeping Computer+0m
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attem…