NPM flooded with malicious packages downloaded more than 86,000 times
Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection. The finding, laid out Wednesday by security firm…