Yesterday we saw the disclosure of a report showing how a security researcher was able to successfully infiltrate 35+ name-brand companies, primarily via npm. Ironically, the mechanism used to perpetrate the attack is one that I'm quite familiar with, and it has been at the heart of the contention over how we've managed the Maven Central repository for 16+ years versus the users who push back on the standards and just want it to be easy like npm. Maven is built upon a strong namespacing concept that requires every artifact that be addressed.
Source: https://blog.sonatype.com/why-namespacing-matters-in-public-open-source-repositories