NPM Package 'is' with 2.8M Weekly Downloads Infected Devs with Malware
TL;DR The popular NPM package ‘is’, with 2.8 million weekly downloads, was compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. ...