Newsletter #013: Large Phishing Operations Against Maintainers 🎯
A coordinated phishing campaign is targeting high-impact open source maintainers. Plus: Scorecard v6 evolving into a security evidence engine, 12 CVEs patched across undici, fastify, path-to-regexp and lodash, and a conversation about Node.js in production.
