Hacker News
- NPM i event-stream 3.3.6 “404s”. Turns out was removed due to BC hack https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/ 2 comments
- NPM event-stream hack – can we be smarter next time? https://medium.com/@caffeinum/maintaining-security-while-juggling-burning-dependencies-a401759c840e 3 comments
Lobsters
- Backdoor in popular event-stream NPM repo https://github.com/dominictarr/event-stream/issues/116 53 comments javascript , nodejs , security
- NPM Blog: Details about the event-stream incident https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident 43 comments javascript
- Widely used npm module ‘event-stream’ contained Bitcoin-stealing backdoor https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/ 46 comments programming
- Dominic's Response To The event-stream NPM Package Hack https://gist.github.com/dominictarr/9fd9c1024c94592bc7268d36b8d83b3a 131 comments javascript
- Dominic's Response To The event-stream NPM Package Hack https://gist.github.com/dominictarr/9fd9c1024c94592bc7268d36b8d83b3a 7 comments node
- In light of the event-stream npm package vulnerability, I thought I would share this cool (and scary) tool that visualises the dependency tree of npm packages https://npm.anvaka.com/#/view/2d/express 6 comments webdev
- "I don't know what to say."– Backdoor in popular event-stream NPM repo (github.com) https://github.com/dominictarr/event-stream/issues/116 15 comments javascript
- "I don't know what to say."– Backdoor in popular event-stream NPM repo (github.com) https://github.com/dominictarr/event-stream/issues/116 765 comments programming
- JSReport: This Week on npm v20181130: event-stream, qs, snapdragon-node https://js.report/blog/this-week-on-npm-20181130 4 comments node