How a Compromised NPM Package Revealed GitHub Workflow Vulnerabilities
\
In December 2023, it was discovered that an NPM package commonly used by decentralized web applications (dApps) had been compromised. The package in question, ==@ledgerhq/connect-kit==, is maintaine...