BleepingComputer: NPM supply-chain attack impacts hundreds of websites and apps
Attackers Target Packages in Multiple Programming Languages in Recent Software Supply Chain Attacks | Checkmarx.com
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Medium
NPM Packages Used In A Supply Chain Attack - SOCRadar® Cyber Intelligence Inc.
npm Supply Chain Attack Targeting Germany-Based Companies
A new type of supply-chain attack with serious consequences is flourishing | Ars Technica
NPM supply-chain attack impacts hundreds of websites and apps
Data study reveals predictors of supply chain attacks in NPM repositories | The Daily Swig
A Popular npm Library Compromised in a Supply Chain Attack: What to Do
Update: IconBurst NPM software supply chain attack grabs data from apps and websites
No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages | Mandiant
npm Supply Chain Attack Targeting Germany-Based Companies
npm Best Practices for the Supply-Chain - Open Source Security Foundation
NPM dependencies, supply chain attacks, and Bitcoin wallets | Synopsys
Thousands of Malicious npm Packages Threaten Web Apps | Threatpost
Attacks on Software Supply Chains To Increase in Severity in 2023: Report - Spiceworks
A Popular npm Library Compromised in a Supply Chain Attack: What to Do
IconBurst software supply chain attack offers malicious versions of NPM packages
The Supply Chain Attack of UAParser.js npm Package - Truesec
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored
Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies - Security Report
Hackers Use Malicious NPM Packages To Steal Data in the IconBurst Supply Chain Attack - CPO Magazine
NPM security: preventing supply chain attacks | Snyk
