New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
WBEZ

In the Loop with Sasha-Ann Simons

You’ve seen the headlines. Now let’s break them open. Sasha-Ann Simons connects you with the people behind the stories: experts, neighbors and newsmakers who shape the city we share. It’s news, ...