New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.
The New York Times

New York Times - Top Stories

Iranian Forces Claim to Seize 2 Ships After Trump Extends Truce Iran said it had attacked and seized two cargo ships near the Strait of Hormuz, state media reported. Both sides were seeking to exert ...