Simplicity of the stack, I think. I don’t think this is an npm-specific issue, as the attacker could also download a bash script and run that instead.