Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack
In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]