Infosecurity-magazine.com

Popular npm Package Compromised in Phishing Attack

A significant security incident involving the widely used npm package “eslint-config-prettier” has been uncovered. The package, downloaded more than 3.5 billion times, was compromised on July 18 after ...
Hosted on MSN

Not pretty, not Windows-only: npm phishing attack laces popular packages with malware

The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.