/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
NPM debug and chalk packages compromised
(www.aikido.dev)
1369 points
universesquid
| 1 comments |
08 Sep 25 15:37 UTC
|
HN request time: 0s
|
source
https://github.com/advisories/GHSA-8mgj-vmr8-frr6
Show context
adudethatgolfs
◴[
08 Sep 25 18:05 UTC
]
No.
45171684
[source]
▶
>>45169657 (OP)
#
Scoket was all over this -
https://socket.dev/blog/npm-author-qix-compromised-in-major-...
replies(1):
>>45172994
#
cddotdotslash
◴[
08 Sep 25 19:44 UTC
]
No.
45172994
[source]
▶
>>45171684
#
Nathan, do you work for Socket? I think you should at least disclose that when sharing posts here.
replies(1):
>>45173596
#
1.
whatamidoingyo
◴[
08 Sep 25 20:33 UTC
]
No.
45173596
[source]
▶
>>45172994
#
I've never heard of Socket before this thread. They could be taking advantage of this news and promoting the company, as it's mentioned quite a few times in this thread. Or it's just a good service that I should probably be using.
ID:
GO
↑