Macs under attack from malware impersonating popular password managers — how to stay safe

A new malware campaign is impersonating popular password managers to steal sensitive personal data from Mac users.

GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
Cybernews

CISA, GitHub take action after massive NPM supply chain compromise

CISA and GitHub have responded to a widespread supply chain attack involving the Shai-Hulud worm compromising over 500 NPM packages.