Security News GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks TheHackerNews Daniel Bender 11 Jun 2026 Share npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.
