#npm

Dependency Confusion Attacks: How Package Names Steal Your Code

Dependency confusion attacks exploit package managers by uploading malicious packages with internal names to public registries.