Reposted
Tane Piper ⁂ (@tanepiper@tane.codes)
Post details
#npm is 14 years old - 8 years ago I wrote a first proof of concept of a supply chain attack, Microsoft have owned it for 4 years and have done absolutely nothing to secure it. (That supply chain attack - https://github.com/tanepiper/steal-ur-stuff)