←back to thread

NPM debug and chalk packages compromised

(www.aikido.dev)
1369 points universesquid | 1 comments | 08 Sep 25 15:37 UTC | HN request time: 0.253s | source
Show context
paxys ◴[08 Sep 25 21:22 UTC] No.45174186[source]
Yeah I know "everyone can be pwned" etc. but at this point if you are not using a password manager and still entering passwords on random websites whose domains don't match the official one then you have no business doing anything of value on the internet.
replies(6): >>45174727 #>>45175611 #>>45176385 #>>45177993 #>>45179019 #>>45179128 #
Drblessing ◴[09 Sep 25 01:35 UTC] No.45176385[source]
How does someone intelligent with 2FA get pwned? Serious question.
replies(2): >>45176768 #>>45178922 #
1. Mawr ◴[09 Sep 25 08:00 UTC] No.45178922[source]
Thinking you're above getting pwned is often step one :)

It's not easy to be 100% vigilant 100% of the time against attacks deliberatly crafted to fall for them. All it takes is a single well crafted attack that strikes when you're tired and you're done.