No way to prevent this, says only package manager where this regularly happens.
This was a GitHub Actions hack, nothing related to publishing on npm was compromised.
alt Hacker News
This was a GitHub Actions hack, nothing related to publishing on npm was compromised.