Vulnerabilities in GitHub NPM packages could allow threat actors to publishportswigger.net1 pointfeross5 years ago