Lars Willighagen
amosThe 'color' npm package has been compromised: https://fasterthanli.me/articles/color-npm-package-compromised
I'm currently going through the NPM attack payload and learning a bunch of about cryptocurrency (I've been ignoring them completely this whole time)
try {
args = JSON.parse(JSON.stringify(argsIn));
} catch (e) {
args = [...argsIn];
}
Ah see? I'm not the only one who didn't know about structuredClone
Here's the NPM supply chain attack payload deobfuscated & cleaned up by hand as best I could: https://github.com/fasterthanlime/0x112
...I'm not sure it would ever work in its current form, tbh
Exa 
@fasterthanlime Checked etherscan and apart from the main address there is this address with a transaction: https://etherscan.io/address/0xa4134741a64F882c751110D3E207C51d38f6c756
So I guess this account may be at risk https://etherscan.io/address/0xfaa1da7652cd162ad43bf1459a67df1a05a26a3d (~$300 worth)
So I guess this account may be at risk https://etherscan.io/address/0xfaa1da7652cd162ad43bf1459a67df1a05a26a3d (~$300 worth)
Daniel Luz@fasterthanlime …huh, and usable since 2022!? This is pretty cool https://developer.mozilla.org/en-US/docs/Web/API/Window/structuredClone
@fasterthanlime I think I got the same 2FA phishing email!
@fasterthanlime RE: the unresponsiveness of npm, I noticed that there's not really a way of reporting *failed* phishing attempts mentioned on the site either.
Simon Dassow@fasterthanlime Color me surprised 🙄
raspberryswirl@fasterthanlime get more colours in your life 
Awalrus@fasterthanlime unrelated to the malware, but the sponsorship tiers look a bit wonky on Firefox mobile (attached both chrome and Firefox on Android)
