GitHub moves to tighten npm security amid phishing, malware plague

Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing
GitHub, which owns the npm registry for JavaScript packages, says it is tightening security in response to recent attacks.…The RegisterRead More