I love the smell of npm install malware in the morning.
Yes, feels like in those cases npm and bun are not far away. Coincidence?
Simplicity of the stack I think. I don’t think this is an npm-specific issue as the attacker could also download a bash script and run that instead.
Yes, feels like in those cases npm and bun are not far away. Coincidence?
Simplicity of the stack I think. I don’t think this is an npm-specific issue as the attacker could also download a bash script and run that instead.