This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
Filippo Valsorda
filippo.abyssdomain.expert
did:plc:x2nsupeeo52oznrmplwapppl
This might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
[contains quote post or other embedded content]
2024-03-29T19:29:38.454Z