In an ongoing campaign, a threat actor is leveraging npm packages to target developers to steal source code and secrets.

Click here for the full alert.