JavaScript packages with billions of downloads were injected with malicious code in world's largest supply chain hack, geared to steal crypto — a phishing email is all it took to undermine npm packages

Read post on tomshardware.com

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.