Y
Hacker News
new
|
ask
|
show
|
jobs
by
kaba0
1096 days ago
Yeah, even a package install, or npm invocation could easily install a keylogger with full network access, or go over the file system and encrypt it.