When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Similar packages were found on NPM, as well.
While the number of compromised endpoints is difficult to determine, Assaraf says its most likely in the thousands.
Going into the publisher page we continue to get positive reinforcements, he said.
The only thing developers can do is exert care when downloading software packages.
Dont trust - verify is the usual mantra, especially within the cryptocurrency community.
ViaBleepingComputer
