Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion,
In what’s yet another act of sabotage, the developer behind the popular « node-ipc » NPM package shipped a new version to protest Russia’s invasion of Ukraine, raising concerns about security in the open-source and the software supply chain.
Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting users with IP
Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting users with IP
,
In what’s yet another act of sabotage, the developer behind the popular « node-ipc » NPM package shipped a new version to protest Russia’s invasion of Ukraine, raising concerns about security in the open-source and the software supply chain.
Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting users with IP
Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting users with IP
, ,
https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html