(www.aikido.dev)

1369 points universesquid | 1 comments | 08 Sep 25 15:37 UTC | HN request time: 0.001s | source

Show context

baloki ◴[09 Sep 25 07:36 UTC] No.45178717[source]▶

A package on the list called ‘simple-swizzle’ turns out to be used in OpenNext which is an unexpected attack vector for sure.

replies(1): >>45180289 #

1. yread ◴[09 Sep 25 10:55 UTC] No.45180289[source]▶

> DO. NOT. USE. THIS. PACKAGE

> Used by 9.9m

NPM debug and chalk packages compromised