NPM packages have been compromised by a self-replicating worm known as Shai-Hulud: https://www.blackduck.com/blog/npm-m...ud-threat.html
Basically it gets credentials and then publishes infected packages as the authenticated (compromised) user.
Printable View
NPM packages have been compromised by a self-replicating worm known as Shai-Hulud: https://www.blackduck.com/blog/npm-m...ud-threat.html
Basically it gets credentials and then publishes infected packages as the authenticated (compromised) user.
If there is a vulnerability, it WILL be exploited...eventually.
I've moved this to General Developer forum. In hindsight, Chit-Chat was probably not the best location.
So someone decided to "spice" it up? :DQuote:
Originally Posted by dday9