Open Source Package With 1 Million Monthly Downloads Stole User Credentials
A widely-used software package was compromised to secretly harvest user login information, highlighting growing security risks in the open source ecosystem.
Read the full reporting at Ars Technica.
Originally reported by Ars Technica.