|
|
|
|
|
|
by killerstorm
278 days ago
|
|
|
"Outbound network connection at npm install" is just one of many ways malware in NPM package can manifest itself. E.g. malware might be executed when you test code which uses the library, or when you run a dev server, or on a deployed web site. The entire stack is built around trusting a code, letting it do whatever it wants. That's the problem. |
|
|