←back to thread

Malicious versions of Nx and some supporting plugins were published

(github.com)
441 points longcat | 1 comments | 27 Aug 25 01:38 UTC | HN request time: 0.415s | source
Show context
monlockandkey ◴[27 Aug 25 23:32 UTC] No.45046573[source]
Any practical tips for hardened security when programming? Don't want to be exposed to npm/pip/cargo installing password/browser cookie stealers. What worries me is the little to no isolation between the dev environment and the rest of the OS for day to day use.
replies(1): >>45051081 #
christophilus ◴[28 Aug 25 11:58 UTC] No.45051081[source]
Use as few deps as possible, and run your projects in containers, or even better, VMs.
replies(1): >>45060026 #
1. neya ◴[29 Aug 25 04:00 UTC] No.45060026[source]
That doesn't guarantee anything still, that's the beauty of Javascript ;)