On September 15, attackers launched a targeted phishing campaign to compromise NPM maintainer accounts and inject malicious code into popular JavaScript packages. The attack enabled supply chain compromise, affecting key packages used in application development and cryptography....