GitHub tightens npm security with mandatory 2FA, access tokens

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
Cyber Daily

GitHub to address npm supply chain as CISA warns of spreading Shai-Hulud worm

Popular code repository GitHub is taking action against hackers targeting popular JavaScript code packages to spread malware.

Macs under attack from malware impersonating popular password managers — how to stay safe

A new malware campaign is impersonating popular password managers to steal sensitive personal data from Mac users.
Cybernews

CISA, GitHub take action after massive NPM supply chain compromise

CISA and GitHub have responded to a widespread supply chain attack involving the Shai-Hulud worm compromising over 500 NPM packages.