New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
28 June 2023
"The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed," software supply chain security firm Phylum said in a report released last week.