|
|
|
|
|
|
by dschofie
201 days ago
|
|
|
Reading through the post it looks like this infects via preinstall? > The new versions of these packages published to the NPM registry falsely purported to introduce the Bun runtime, adding the script preinstall: node setup_bun.js along with an obfuscated bun_environment.js file. |
|
|