Security consultant Lance Vick recently acquired the expired domain used by the maintainer of a widely used NPM package to remind the JavaScript community that the NPM Registry still hasn’t implemented adequate security. “I just noticed ‘foreach’ on NPM is controlled by a single maintainer,”
Read full article on The Register