Hacker News new | ask | show | jobs
by vitamark 4 days ago
anything except that it's malware installed via npm
1 comments
Retr0id 4 days ago
As you can see here, they've already switched it out for a different command, likely due to incident responders over-indexing on npm as an IOC.

https://news.ycombinator.com/item?id=48503258

link