pull down to refresh

@Bell_curve
1,774,120 sats stacked
stacking since: #89467longest cowboy streak: 181
bio
15,748 items
1 territory
by
for
36 sats \ 2 replies \ @Bell_curve 10 Sep \ on: Trump ally Charlie Kirk reported shot at Utah college event Politics_And_Law
Pronounced dead, age 31
He was bleeding profusely after being shot in the neck, video is unnerving
0 sats \ 0 replies \ @Bell_curve 10 Sep \ on: 2025 NFL Survivor Pool- Week 2 Pick Submissions are now open Stacker_Sports
This is not my pick per se... Browns vs Ravens are usually close games... Browns play harder against division opponents vs non division
0 sats \ 0 replies \ @Bell_curve 9 Sep \ parent \ on: Biden Election Year Economy Wasn’t That Great Jobs Revised Down by 911,000 econ
The problem is under Biden the number of incompetent people in charge of agencies skyrocketed
0 sats \ 9 replies \ @Bell_curve 9 Sep \ on: Stacker Saloon
70 sats \ 1 reply \ @Bell_curve 9 Sep \ parent \ on: New Deadlift World Recrod 510Kg by Thor Bjornsson Stacker_Sports
If your name is Thor then you don't have a choice
20 sats \ 1 reply \ @Bell_curve 9 Sep \ parent \ on: @didiplaywell's bio
I am a big fan of Coinos as a beginner friendly custodial wallet
I recommend it to everyone I know
Plus they have excellent support via email and Telegram
here is the creator and founder of @coinoswallet, Adam: @adam_coinos_io
edit: sometimes liquidity is a problem on lightning because Coinos is growing in popularity
1 reply \ @Bell_curve OP 8 Sep \ on: EMERGENCY: Bitcoin Wallets Compromised! DO NOT SIGN TX Before Watching bitcoin
from Claude...
Based on the research I've gathered, here are the 18 specific NPM packages that were compromised in this supply chain attack:

The Compromised Packages (with weekly download numbers):

Starting at September 8th, 13:16 UTC, these 18 very popular packages were compromised:
Highest Impact Packages:
  • ansi-styles - 371.41 million downloads/week
  • debug - 357.6 million downloads/week
  • chalk - 299.99 million downloads/week
  • strip-ansi - 261.17 million downloads/week
  • ansi-regex - 243.64 million downloads/week
  • wrap-ansi - 197.99 million downloads/week
  • color-convert - 193.5 million downloads/week
  • color-name - 191.71 million downloads/week
Medium Impact Packages:
  • is-arrayish - 73.8 million downloads/week
  • slice-ansi - 59.8 million downloads/week
  • error-ex - 47.17 million downloads/week
  • color-string - 27.48 million downloads/week
  • simple-swizzle - 26.26 million downloads/week
  • supports-hyperlinks - 19.2 million downloads/week
  • has-ansi - 12.1 million downloads/week
Lower Impact Packages:
  • chalk-template - 3.9 million downloads/week
  • supports-color - 287.1 million downloads/week
  • backslash - 0.26 million downloads/week

What These Packages Do

These are all fundamental utility packages that handle basic functions like:
  • Text coloring and formatting (chalk, ansi-styles, color-convert)
  • Debugging output (debug)
  • String manipulation (strip-ansi, wrap-ansi)
  • Error handling (error-ex)

The Scale

These utilities underpin much of the modern web and collectively account for more than 2.6 billion weekly downloads. They're the kind of packages that get included in almost every JavaScript project without developers even realizing it.

How the Attack Happened

Hackers compromised the npm account of Josh Goldberg, a well-known open-source maintainer known as "Qix," through a phishing campaign that targeted npm maintainers with emails impersonating the platform's support team.
These aren't flashy frameworks - they're the invisible building blocks that millions of websites and applications depend on, which is exactly what made this attack so devastating.
0 sats \ 0 replies \ @Bell_curve 8 Sep \ on: Stacker Saloon
https://www.youtube.com/live/R0M2TL7RARw
EMERGENCY: Bitcoin Wallets Compromised! DO NOT SIGN TX Before Watching