https://gbhackers.com/malicious-npm-package/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions.
