Walker<p>Software Supply Chain npm package compromise.</p><p>July 18, reported eslint-config-prettier npm package was modified to include info stealing node-gyp.dll (c68e42f416f482d43653f36cd14384270b54b68d6496a8e34ce887687de5b441)</p><p>Highlighting the ongoing threat to package security and software development. </p><p><a href="https://www.stepsecurity.io/blog/supply-chain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">stepsecurity.io/blog/supply-ch</span><span class="invisible">ain-security-alert-eslint-config-prettier-package-shows-signs-of-compromise</span></a></p><p><a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>python</span></a> <a href="https://infosec.exchange/tags/SoftwareSupplyChains" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareSupplyChains</span></a> <a href="https://infosec.exchange/tags/softwaredevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwaredevelopment</span></a> <a href="https://infosec.exchange/tags/secdevops" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secdevops</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>