GitHub has announced a security-focused overhaul of npm with the upcoming release of npm v12, introducing stricter default controls designed to mitigate software supply chain attacks and prevent unauthorized code execution during package installation. The changes, currently available as opt-in warnings in npm version 11.16.0 and later, are expected to become the default behavior when […]
The post GitHub to Automatically Disable npm Script Installs Against Attacks appeared first on Cyber Security News.