ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
A typosquat package named supabase-javascript appeared on npm to phish developers. npm took it down hours later after real downloads. Supabase Edge Functions, CLI, and libraries pull from npm, making credential leaks possible. The post details three common attack patterns and immediate mitigations.
Tap to vote and see what everyone thinks.
Summary by ByteBrief