| ▲ | polynomial 5 days ago | |
The article says the victim used 2fa. How did the attacker know their 2fa in order to send them a fake 2fa request? | ||
| ▲ | fastest963 4 days ago | parent [-] | |
They MITM the real sign-in on NPM. So NPM actually sent them a 2FA but the user entered it on the phishing site. The attacker then relayed that to the real NPM. | ||