pull down to refresh

Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
333 sats \ 1 comment \ @aljaz 3h security
write
preview
related posts
5 sats \ 0 replies \ @rblb 2h
Installing npm packages feels like playing russian roulette these days. This is 100x times worse than the other attack.
reply