Y
Hacker News
new
|
ask
|
show
|
jobs
by
ktusznio
3985 days ago
Yes, but the same attack could happen if an attacker gains control of an npm module. Users without tight control over their modules could unwittingly pull in malicious code.