headless horsefacts pfp
headless horsefacts
@horsefacts.eth
summary of today's NPM compromise, vulnerable package versions, and action items for devs here, from @andrewmohawk at Privy. if your app uses NPM (includes mini apps), please check your dependencies. https://x.com/AndrewMohawk/status/1965116722375209305 https://x.com/AndrewMohawk/status/1965117607750881561
11 replies
20 recasts
78 reactions

Nicholas pfp
Nicholas
@nintynick.eth
best write up we found so far https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack
1 reply
0 recast
1 reaction

headless horsefacts pfp
headless horsefacts
@horsefacts.eth
thanks! socket is great, we use it.
0 reply
0 recast
1 reaction