Security News npm’s Update to Harden Their Supply Chain, and Points to Consider TheHackerNews Daniel Bender 13 Feb 2026 npm’s token overhaul boosts security, but MFA bypass, phishing, and console access still enable supply-chain attacks.
