The protections against NPM supply chain attacks could be bypassed, leading to arbitrary code execution.

The post ‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks appeared first on SecurityWeek.