oh! understood. thanks.
Hey, new dev here. Sorry if this is a common knowledge and I am asking a stupid question. How does you getting phished affect these NPM packages? aren't these handled by NPM or the developers of them?
insanely well-crafted. i mean, it's something bad that happened but one must recognise the wit of this attack.
How I do it is, run npm list --all then check the completely dependency tree to find out if anywhere I am using the vulnerable package.
I can not find the package anymore. I think someone did it already.
oh! understood. thanks.
Hey, new dev here. Sorry if this is a common knowledge and I am asking a stupid question. How does you getting phished affect these NPM packages? aren't these handled by NPM or the developers of them?
insanely well-crafted. i mean, it's something bad that happened but one must recognise the wit of this attack.
How I do it is, run npm list --all then check the completely dependency tree to find out if anywhere I am using the vulnerable package.
I can not find the package anymore. I think someone did it already.