Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
In this article On July 14, 2026, Microsoft Threat Intelligence identified a coordinated supply chain compromise of the @asyncapi npm organization, a widely used set of packages for the AsyncAPI…