Dependency Confusion attack

An important note on the security of the npm ecosystem.