Copycats imitate novel supply chain attack

A recent supply chain attack was done by security researcher Alex Birsan, who managed to infiltrate 35 big tech companies and earned himself more than six-figures in bounty rewards. Birsan created several npm packages named after private components being internally used by major companies as the proof-of-concept. After Birsan's disclosure went public, a huge amount of the identical npm repositories began to pop up, most likely due to copycats going for bounties. Read more...