Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account (thehackernews.com)
from spez@sh.itjust.works to programming@programming.dev on 31 Mar 11:14
https://sh.itjust.works/post/57717248

What an ol’ classic in the age of AI!

#programming

threaded - newest

spez@sh.itjust.works on 31 Mar 11:21 next collapse

<img alt="" src="https://sh.itjust.works/pictrs/image/1b8873d0-0362-4d9e-ad1d-449999a029dd.png"> It gets better and better lol

onlinepersona@programming.dev on 31 Mar 11:32 next collapse

Pre and post install hooks are a mistake, jfk

TechnoCat@piefed.social on 31 Mar 13:56 collapse

I always advocate switching to pnpm where install scripts are disabled by default. It has plenty of security features to ward off most supply chain attacks.