1,300 Malicious Packages Found in Popular npm JavaScript Package Manager
Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks.
Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access.