Technology ❯ Software Development ❯ Open Source ❯ Security
The breach began with a fake npm 2FA reset that let attackers push malicious updates to widely used libraries.
