Story

GitLab discovers a widespread supply chain attack targeting the npm package ecosystem, with malicious packages designed to steal sensitive information and gain unauthorized access to systems. The article details the investigation and steps taken by GitLab to address the issue and protect its users.