
Attackers didn't need a fake package this time. They hijacked #AsyncAPI's own CI/CD pipeline and shipped the malware through the real one – 2.9 million weekly downloads before anyone caught it. Full attack breakdown: cloudsmith.com/blog/inside-th…
English











