Malicious NPM packages have been leveraged to compromise two banks in February and April, marking the first two instances of open-source software supply chain attacks against the banking industry, according to The Record, a news site by cybersecurity firm Recorded Future.
Article Link: https://cms.cyberriskalliance.com/brief/cybercrime/banking-industry-hit-by-novel-open-source-supply-chain-attacks