Thursday, July 9, 2026
NewsezeNews with Rewards · Earn while you read
+5 credits / query
cyber

npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

Newseze Wire·Thu, Jul 9, 4:49 PMWire: The Hacker News
Open original source Read full story (in-site)
npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor authentication (2FA). The Microsoft-owned subsidia…

Sourcing & attribution. Newseze provides AI-curated summaries, narrative framing, and editorial analysis. The underlying reporting was contributed by The Hacker News; tap “Open original source” above to read their full reporting and support the contributing newsroom directly.

Newseze Analysis96 words · original commentary · full read loading…
GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular access tokens (GATs) designed to bypass two-factor authentication (2FA). The Microsoft-owned subsidia… The story falls into Newseze's cyber desk and is being actively tracked by our editorial team. Calm framing, primary-source references, and respectful tone — every Newseze story is scored for drama and conspiracy before it reaches you. Worth knowing: Newseze refreshes its newsroom every hour and flags fast-moving local and breaking news as it develops. Watch this page for updates. Reporting: The Hacker News.
Ask Us · Any Story, Any AnswerBe the first to ask

Newseze's algorithm reads the story and answers your question — calmly, factually, with source attribution. No comments, no flame wars — just answers.

No questions yet. Be the first.

Answers reflect Newseze's editorial framework applied under fair use (17 U.S.C. § 107). Not financial, legal, medical, or tax advice. Hate speech and racial slurs are blocked.

Related stories

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
CYBERTrending Righttrust 78
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Why it mattersDatadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on auto…

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user a…

ChellaBy Chella·30m ago
WireThe Hacker News
Full Analysis Comment PostRead →
New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
CYBERtrust 75
New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware

Why it mattersMicrosoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive programs bolted into one, offered as commands the operator can cho…

Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three older destructive progra…

ChellaBy Chella·1h ago
WireThe Hacker News
Full Analysis Comment PostRead →