Jeff Geerling1d ago

Another day, another supply chain attack, this time Axios: https://github.com/axios/axios/issues/10604

Makes me glad I'm lazy and intentional about dependency updates. But it's a worrying trend. Soon we'll be tracking these things by the hour.

[email protected] and [email protected] are compromised · Issue #10604 · axios/axios

more details: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan Most likely, a maintainer's GitHub and npm accounts are compromised as these iss...

GitHub
Show threadBenny1d ago
@geerlingguy it's gotten really bad. That's why for a while now I've only been developing in a DevContainer. For my side projects, I'm relying more and more on #Deno, as I hope its security architecture will prevent exactly these kinds of threats.
Show threaddieTasse1d ago
@benny
Went to check whar Deno is... Found https://dbushell.com/2026/03/20/denos-decline-and-layoffs/ looks like it might not ve sort learnig anymore.. 😅
404 Deno CEO not found

The one where I mourn the best runtime and speculate idly

dbushell.com
Show threadBenny
@dieTasse 😕
Mar 31 at 8:12amWeb