Thursday, November 29, 2018

Compromised npm Package: event-stream - Linux.com (blog)


Compromised npm Package: event-stream
Linux.com (blog)
Ownership of a popular npm package, event-stream , was transferred by the original author to a malicious user, right9ctrl. This package receives over 1.5mm weekly downloads and is depended on by nearly 1,600 other packages. The malicious user was able ...