GitHub Overhauls npm Security After a Self-Replicating Worm Attack
GitHub has announced sweeping changes to its npm authentication and package publication system, aimed at strengthening defenses against supply chain attacks. The catalyst for these reforms was the recent Shai-Hulud campaign—a malicious self-propagating worm...
