Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
dylmye
7 months ago
|
parent
|
context
|
favorite
| on:
NPM package 'debug' v4.4.2 contains malware
The two listed collaborators of the debug package have over 700 packages published collectively, many of them with millions of weekly downloads. What could possibly go wrong when their token is compromised?
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
