@socket.dev on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Socket

socket.dev

did:plc:n6f3j47vjucu5ijwdmow7n2w

🚨 Another supply chain attack: Attackers republished 29 legitimate npm packages with a backdoor using compromised publisher access, enabling further propagation via stolen tokens and payload delivery through an ICP canister. Details: https://socket.dev/blog/canisterworm-npm-publisher-compromise-deploys-backdoor-across-29-packages #NodeJS

2026-03-21T00:23:03.915Z