Toptal GitHub Hacked: 10 Malicious npm Packages, 5,000 Downloads, and What It Means for Every Developer

What if the next npm install you run wipes your computer and steals your secrets? That scenario isn’t just a hypothetical anymore. In July 2025, Toptal—a platform trusted by thousands of top developers and businesses—had its GitHub organization breached, resulting in the publication of 10 malicious npm packages that were downloaded over 5,000 times before…