Hacker News
- Compromised NPM packages of ua-parser-JS (0.7.29, 0.8.0, 1.0.0) https://github.com/faisalman/ua-parser-js/issues/536 6 comments
- How can we make sure this doesn't happen with Crates.io? https://github.com/faisalman/ua-parser-js/issues/536 202 comments rust
- Warning bitcoin mining infection: ua-parser-js library https://github.com/faisalman/ua-parser-js/issues/536 14 comments javascript
- BREAKING!! NPM package ‘ua-parser-js’ with more than 7M weekly download is compromised https://github.com/faisalman/ua-parser-js/issues/536 937 comments programming
Linking pages
- The Case for C# and .NET. It has been interesting as I’ve shifted… | by Charles Chen | ITNEXT https://chrlschn.medium.com/the-case-for-c-and-net-72ee933da304 622 comments
- Control your npm dependencies. Have you ever wondered why your… | by Sai Hemanth Beeraka | Medium https://medium.com/@saihemanth9019/control-your-npm-dependencies-e84dfd1dd12f 41 comments
- supply-chain-goat/CompromisedDependency.md at main · step-security/supply-chain-goat · GitHub https://github.com/step-security/supply-chain-goat/blob/main/CompromisedDependency.md 1 comment
- tag-security/supply-chain-security/compromises at main · cncf/tag-security · GitHub https://github.com/cncf/sig-security/tree/master/supply-chain-security/compromises 0 comments
- NPM fixes private package names leak, serious authorization bug https://www.bleepingcomputer.com/news/security/npm-fixes-private-package-names-leak-serious-authorization-bug/ 0 comments
- The Supply Chain Attack of UAParser.js npm Package - Truesec https://www.truesec.com/hub/blog/uaparser-js-npm-package-supply-chain-attack-impact-and-response 0 comments
- ua-parser-js and Malicious npm Packages | by James Ide | Exposition https://blog.expo.dev/ua-parser-js-and-malicious-npm-packages-8c13ee4141a?gi=c17dbc760f38 0 comments
- Publishing Gems With Your YubiKey | Tenderlove Making https://tenderlovemaking.com/2021/10/26/publishing-gems-with-your-yubikey.html 0 comments
- tag-security/supply-chain-security/compromises at main · cncf/tag-security · GitHub https://github.com/cncf/tag-security/tree/main/supply-chain-security/compromises 0 comments