Resident Pulser@infosec.pubB to Pulse of Truth@infosec.pubEnglish · 13 days agoHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.comexternal-linkmessage-square1fedilinkarrow-up16file-textcross-posted to: programming@programming.devtechnology@lemmy.worldcybersecurity@sh.itjust.works
arrow-up16external-linkHundreds of code libraries posted to NPM try to install malware on dev machinesarstechnica.comResident Pulser@infosec.pubB to Pulse of Truth@infosec.pubEnglish · 13 days agomessage-square1fedilinkfile-textcross-posted to: programming@programming.devtechnology@lemmy.worldcybersecurity@sh.itjust.works
minus-squarehorse_battery_staple@lemmy.worldlinkfedilinkEnglisharrow-up2·13 days agoAll I ever read about NPM are supply chain attacks. Honest question, why is that so?