NPM security update: Attack campaign using stolen OAuth tokensgithub.blog272 pointstodsacerdoti4 years ago