ByteBrief
Skimming the internet so you don't have to
Malicious npm Packages Had Valid Signatures | ByteBrief