Security researchers at Checkmarx have discovered a new npm supply chain attack that utilizes a typosquatting technique with a malicious package named “jest-fet-mock,” which targets development environments and employs Ethereum smart contracts for command-and-control communication.
View full story…