Y
Hacker News
new
|
ask
|
show
|
jobs
by
reorder9695
5 days ago
The PKGBUILD files specified npm as a dependency, so it would've been installed prior to installing the malicious file, so not having npm is by no means a guarantee.