JSNation 2019 - Jarrod Overson - 24 minsjavascriptnpmnodesecuritybitcoinEDITOR'S CHOICE: The ownership of the npm package 'event-stream' changed hands, late 2018, and found its way into the hands of an attacker, targeting a Bitcoin wallet.