Microsoft-owned GitHub has introduced new npm security updates in response to an uptick in occurrences involving malicious npm packages.
The new enhancements go along with the obligatory two-factor authentication (2FA) feature that the code-sharing platform has been implementing over the past several months. They come after the launch of an upgraded verification for npm accounts that was announced in March.
With the new experience, login and publishing are controlled in the browser, enabling users to publish multiple times using the same IP and access token without seeing the 2FA question for five minutes and login to an existing session by providing simply the second factor or email verification.
For more such updates follow us on Google News ITsecuritywire News