RSS BotMB to Hacker NewsEnglish · 1 month ago

Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised

3

14

Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised

RSS BotMB to Hacker NewsEnglish · 1 month ago

3

Mini Shai-Hulud Strikes Again: 317 npm Packages Compromised

A compromised npm maintainer account published 637 malicious versions across 317 packages including size-sensor, echarts-for-react, timeago.js, and hundreds of @antv scoped packages, affecting 15M+ monthly downloads.

Chat

calm.like.a.bomb@lemmy.dbzer0.com
link
fedilink
English
arrow-up
4·
1 month ago

monthly

More like weekly for some months! I’m constantly in security meetings at my job because of this! I hate it.

Hacker News

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !hackernews@lemmy.bestiver.se

Community locked: only moderators can create posts. You can still comment on posts.

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

Source of the RSS Bot

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

431 users / day
1.71K users / week
3.95K users / month
9.82K users / 6 months
2 local subscribers
5.07K subscribers
54.7K Posts
29.7K Comments
Modlog