That thing we said would keep happening if #npm didn't add signed packages keeps happening
https://www.mend.io/blog/fake-vs-code-extension-on-npm-spreads-multi-stage-malware/
Tane Piper ⁂
npub10j…rmmqy
2025-02-07 07:04:08 UTC
Author Public Key
npub10jcn59xt2jx7ejjka2l46pxphwwl2jzm9r245rw07yz5c6pu4n0q4rmmqySeen on
wss://relay.momostr.pinkPublished at
2025-02-07 07:04:08 UTCEvent JSON
{
"id": "39220bc9f19f737d5df0875880c4f81aedde2092d7a50164151b58e5e4fa8501",
"pubkey": "7cb13a14cb548decca56eabf5d04c1bb9df5485b28d55a0dcff1054c683cacde",
"created_at": 1738911848,
"kind": 1,
"tags": [
[
"proxy",
"https://tane.codes/@tanepiper/113961326928239760",
"web"
],
[
"t",
"npm"
],
[
"proxy",
"https://tane.codes/users/tanepiper/statuses/113961326928239760",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://tane.codes/users/tanepiper/statuses/113961326928239760",
"pink.momostr"
],
[
"-"
]
],
"content": "That thing we said would keep happening if #npm didn't add signed packages keeps happening \n\nhttps://www.mend.io/blog/fake-vs-code-extension-on-npm-spreads-multi-stage-malware/",
"sig": "965400d35d74ecbbb4f5765c7bc0e57ecafb4863c00d71024a2d3aafc20e8354d02b6b03ba2a11975f4f123d6247c36f6eb2eb0bcf249fe35a60aa00445cea18"
}