Replying to Avatar jimmysong

So the npm exploit happened because the developer was on bluesky and clicked on an email from them.

Had he been on Nostr, all those npm packages wouldn't have gotten compromised.
Avatar
Silberengel 4mo ago

How many of us have put our nsec into a signer or other app, without checking first, if it's compromised?

How many of us download every update, immediately, without reviewing the code?

Do we know how safe the NWC functionality is?

How much software is just always pulling "largest"?

Meh. Dunno.

Reply to this note

Please Login to reply.

Discussion

No replies yet.