Headline
Huge NPM Supply Chain Attack Goes Out With Whimper
Threat actors phished Qix’s NPM account, then used their access to publish poisoned versions of 18 popular open source packages accounting for more than 2 billion weekly downloads.
Threat actors phished Qix’s NPM account, then used their access to publish poisoned versions of 18 popular open source packages accounting for more than 2 billion weekly downloads.