https://medium.com/@vesirin/how-i-gained-commit-access-to-homebrew-in-30-minutes-2ae314df03ab https://blog.npmjs.org/post/175824896885/incident-report-npm-inc-operations-incident-of https://eslint.org/blog/2018/07/postmortem-for-malicious-package-publishes https://blog.npmjs.org/post/175824896885/incident-report-npm-inc-operations-incident-of https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502 https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/ https://www.theregister.co.uk/2017/08/02/typosquatting_npm/ https://medium.com/@ceejbot/crossenv-malware-on-the-npm-registry-45c7dc29f6f5 https://blog.npmjs.org/post/175824896885/incident-report-npm-inc-operations-incident-of
Supply chain attacks involving package managers
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment