The npm ecosystem has long been a target for supply chain attacks, where threat actors exploit the open nature of public package registries to push malicious code into developer environments. With pnpm 11, the package manager takes a direct step to address this growing risk by enabling key security protections out of the box, making […]
The post pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk appeared first on Cyber Security News.