Y
Hacker News
new
|
ask
|
show
|
jobs
by
z3t4
7 days ago
npmjs.org is a joke at this point. I guess their support is run by LLM because you can just write to them and they will transfer ownership of any module nilly willy.
1 comments
tobyhinloopen
7 days ago
That’s a bold claim to randomly write without any supporting sources
link
z3t4
7 days ago
I've got an example and submitted it via bug bounty channel, but they classified it as "social engineering".
link