On May 19, 633 malicious npm package versions passed Sigstore provenance verification. They were cleared by the system because the attacker had generated valid signing certificates from a compromised ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results