Y
Hacker News
new
|
ask
|
show
|
jobs
by
mort96
38 days ago
I maintain that NPM malware use postinstall scripts just because they exist and are convenient. Had NPM not had postinstall scripts, the malware would have used a different mechanism and been almost exactly as effective.