Mantine-datatable npm package compromised after account takeover
Hacker News·1mo·icflorescu
The maintainer of mantine-datatable lost control of their GitHub account, allowing attackers to push malicious code to the npm package. This is a sobering reminder that open-source maintainers are high-value targets—and that relying on a single person to guard the keys to widely-used libraries is a structural vulnerability.
Original story
Read the original on Hacker NewsRelated stories
Devtools
Developer reconstructs PDP-1 Lisp from 1960, traces roots of modern computingHacker News·2w·ozymandiax
Devtools
Game Boy emulator compiles to WebAssembly, outpaces native interpreterHacker News·2w·energeticbark