npm has forced a platform-wide reset of granular access tokens that bypass two-factor authentication (2FA) after a wave of supply chain attacks linked to the “Mini Shai-Hulud” campaign compromised hundreds of JavaScript packages. The emergency action, rolled out on May 19, invalidated all npm tokens with write permissions that allowed publishing without 2FA. The move […] The post Mini Shai-Hulud Attack Prompts npm to Revoke 2FA-Bypass Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/mini-shai-hulud-attack-prompts-npm/
