Post · bonfire.cafe

@tanepiper@tane.codes · 3 days ago

Oh look! Another #npm postinstall malware.

Amazing this security hole still hasn't been patched for over a decade now.

https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware

Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.2.11 no JS en

Automatic federation enabled