Search Public

ctrl/tinycolor and 40+ NPM Packages Compromised - StepSecurity

A pretty impressive and concerning compromise of a lot of JavaScript (and by extension TypeScript) packages.

·stepsecurity.io·Sep 16, 2025