this post was submitted on 15 Oct 2025
1 points (100.0% liked)

Sysadmin

11551 readers
42 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 2 years ago
MODERATORS
DarraignTheSane@lemmy.world
00Lemming@lemmy.world
L3s@lemmy.world
1
NPM Supply Chain Attack: Is the Coast Clear? (lemmy.world)
submitted 2 weeks ago by BombOmOm@lemmy.world to c/sysadmin@lemmy.world
0 comments fedilink hide all child comments
 

About a month ago NPM was compormised. It was advised to lock versions to before the compromise.

However, one eventually needs to unlock and start getting updates again. Does anybody know if the coast is clear, or possibly a place that is tracking known compromised packages and their current status?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here