GitHub Tightens npm Security with Trusted Publishing Amid Supply Chain Attacks

Sep 23, 2025 · 2 min read · GitHub announced on Monday that it will soon revamp its authentication and publishing options in response to a surge of supply chain attacks targeting the npm ecosystem, including the high-profile Shai-Hulud incident. The new measures aim to combat t...