GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale incidents recently. […]
from https://www.bleepingcomputer.com/news/security/github-tightens-npm-security-with-mandatory-2fa-access-tokens/