
that is not at all what I'm referring to...

The author of the article posted the goods - now every. single. npm. package. needs to be scanned for this kind of attack. In the article it was part of the admin controller handling. In the future it could be some utility function everyone is calling. Or some CLI tool people blindly npx run.


