NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

GitHub pulls pin on npm's auto-run scripts

Upcoming breaking changes for npm v12

Fake web3 Job interview deploys stealthy cross platform (macOS/Windows) malware via compromised NPM packages in take home assessment