Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
Attackers have poisoned over 20 npm packages, targeting developer secrets and credentials, by compromising a maintainer account and automating malicious updates, which could lead to widespread exposur
