Fake npm 2FA reset email led to compromise of popular code packages

Fake npm 2FA reset email led to compromise of popular code packages 2025-09-09 at 16:51 By Zeljka Zorz Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account. “The packages were updated to contain a piece of code that would […]

React to this headline:

Loading spinner

Fake npm 2FA reset email led to compromise of popular code packages Read More »