Without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking the S3 bucket serving binaries necessary for its function and replacing them with malicious ones
At a moment when education technology firms are stockpiling sensitive information on millions of school children, safeguards for student data have broken down.