11106 shaares
393 private links
393 private links
NPM packages are attacked again. The first infected package is go-template then hundreds. The most major ones are Zapier, ENS, AsyncAPI, PostHog, Browserbase, and Postman.'
Other source: https://www.stepsecurity.io/blog/sha1-hulud-the-second-coming-zapier-ens-domains-and-other-prominent-npm-packages-compromised
