/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
NPM debug and chalk packages compromised
(www.aikido.dev)
1369 points
universesquid
| 1 comments |
08 Sep 25 15:37 UTC
|
HN request time: 0.228s
|
source
https://github.com/advisories/GHSA-8mgj-vmr8-frr6
Show context
heipei
◴[
08 Sep 25 18:54 UTC
]
No.
45172280
[source]
▶
>>45169657 (OP)
#
If you want to see what the phishing site (npmjs[.]help) looks like:
https://urlscan.io/result/01992a3e-4f8c-72bb-90a9-c13826f2d8...
- Was still up and running 2 hours ago.
replies(1):
>>45177225
#
1.
mdaniel
◴[
09 Sep 25 03:57 UTC
]
No.
45177225
[source]
▶
>>45172280
#
> Size: 3124 kB
Hey, that's a pretty good reproduction of npmjs
ID:
GO
↑