- Ua-parser-js hijack seems to be a part of a larger campaign first uncovered last week https://blog.sonatype.com/npm-project-used-by-millions-hijacked-in-supply-chain-attack 6 comments programming
Linking pages
- GitHub - tinysource/tinysource: Completely free TypeScript one-file source code snippets with tests, which can be copied to avoid extra dependencies (contributions welcome). https://github.com/tinysource/tinysource 13 comments
- A First Look at Harden-Runner: The Must-Have GitHub Action To Prevent Supply Chain Attacks | by Wenqi Glantz | Better Programming https://betterprogramming.pub/a-first-look-at-harden-runner-the-must-have-github-action-to-prevent-supply-chain-attacks-d7707bbc106e?sk=db3c14979b5d8245822e6b6450d3e689 2 comments
- GitHub - berstend/node-safe: 🤠 Make using Node.js safe again with Deno-like permissions https://github.com/berstend/node-safe 0 comments
- A First Look at Harden-Runner: The Must-Have GitHub Action To Prevent Supply Chain Attacks | by Wenqi Glantz | Better Programming https://betterprogramming.pub/a-first-look-at-harden-runner-the-must-have-github-action-to-prevent-supply-chain-attacks-d7707bbc106e 0 comments
- Node's Security Problem https://deno.com/learn/nodes-security-problem 0 comments
Related searches:
Search whole site: site:blog.sonatype.com
Search title: Popular npm Project Used by Millions Hijacked in Supply-Chain Attack