|
|
|
|
|
|
by panstromek
72 days ago
|
|
|
Actually, from the OP, the timeline is: > March 31, 00:21 UTC: axios@1.14.1 published with plain-crypto-js@4.2.1 injected > March 31, around 01:00 UTC: axios@0.30.4 published with the same payload > March 31, around 01:00 UTC: first external detections > March 31, around 01:00 UTC: community members file issues reporting the compromise. The attacker deletes them using the compromised account. So it was found out almost immediately. |
|
|