Y
Hacker News
new
|
ask
|
show
|
jobs
by
Hackbraten
38 days ago
But who will detect them on day one once everyone ignores them for seven days?
3 comments
bakkoting
38 days ago
These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages.
link
eranation
38 days ago
There are some companies that specialize in detecting those, they do it for free (and get lots of marketing for it…)
link
aoeusnth1
38 days ago
AI agents
link