Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
- Posted on November 11, 2025
- By The Hacker News
- 1 Views
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Veracode exposes npm package "@acitons/artifact" stealing GitHub tokens via build scripts.
