How a Single Vulnerability Can Bring Down the JavaScript Ecosystem
Introduction
In the world of software development, we often take for granted the security and reliability of the tools and platforms we rely on daily. We assume that the packages we download and the registries we use are safe and trustworthy. However, at Lupin & Holmes we've recently discovered a Cache Poisoning Attack on the npm registry, one of the largest package registries for JavaScript, potentially exposing the fragility of our Software Supply Chains and the potential for widespread disrupti...
Read more at landh.tech