The JavaScript ecosystem recently faced one of its most severe security incidents when a supply chain attack compromised the NPM account of maintainer qix, resulting in malicious code being injected into several widely-used packages.