[tomek@vz]

Citiraj:

Supply chain attacks are traditionally designed to inflict maximum damage on structured organizations or companies. However, when such an attack compromises a supply chain that an entire software ecosystem depends on, the consequences can be truly unprecedented.
Earlier this week, the Npm package manager suffered what may be its worst security incident to date. Unknown cybercriminals managed to compromise the account of Josh "Qix" Junon, one of the core maintainers of the Npm project. As a result, several of the most critical packages in the JavaScript ecosystem were infected with a backdoor designed to steal user and developer cryptocurrency in bulk.

> Techspot