NPM supply chain attack - why our platform is secure
· One min read
What happened
This week, attackers compromised developer accounts on npmjs.org and published manipulated versions of well-known open-source packages. These packages are downloaded billions of times each week. The injected code was designed to capture data and redirect transactions.