From typos to takeovers: Inside the industrialization of npm supply chain attacks A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to ...