toad.social

jbzDeprecation of Node 20 on GitHub Actions runners - GitHub Changelog ｢ Beginning on March 4th, 2026, runners will begin using Node24 by default. To opt out of this and continue using Node20 after this date, set ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true as an env in your workflow or as an environment variable on your runner machine. This will only work until we upgrade the runner and remove Node20 later in the summer of 2026 ｣<a href="https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/" rel="nofollow noopener" translate="no" target="_blank">https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/</a><a href="https://indieweb.social/tags/github" class="mention hashtag" rel="nofollow noopener" target="_blank">#github</a> <a href="https://indieweb.social/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a>

Daemon Silverstein<a href="https://calckey.world/tags/NPM" rel="nofollow noopener" target="_blank">#NPM</a> from <a href="https://calckey.world/tags/Node" rel="nofollow noopener" target="_blank">#Node</a>.js ended up in the hands of Microsoft. <a href="https://calckey.world/tags/RubyGems" rel="nofollow noopener" target="_blank">#RubyGems</a> from <a href="https://calckey.world/tags/Ruby" rel="nofollow noopener" target="_blank">#Ruby</a> ended up in the hands of a nazi libertarian. It feels like <a href="https://calckey.world/tags/OSS" rel="nofollow noopener" target="_blank">#OSS</a> and <a href="https://calckey.world/tags/FOSS" rel="nofollow noopener" target="_blank">#FOSS</a> are being attacked on a daily basis. Do anyone have information regarding <a href="https://calckey.world/tags/PyPi" rel="nofollow noopener" target="_blank">#PyPi</a> from <a href="https://calckey.world/tags/Python" rel="nofollow noopener" target="_blank">#Python</a>, is it also compromised? As far as I know, PyPi stopped working with <code>pip search</code> ("Use the browser") and the website needs JS to function (because it uses some PoW browser checking), so using Lynx or elinks as a sysadmin on a terminal-only machine in order to search for Python packages have been a no-no. Wonder how much it's due to similar phenomenon going on with Ruby and Node.js ecosystems.

SnowShould Cozy Critters Society start hosting a public <a href="https://mastodon.puppyhost.ing/tags/XMR" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMR</a> <a href="https://mastodon.puppyhost.ing/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a>? A XMR node is a node that carries a list of <a href="https://mastodon.puppyhost.ing/tags/monero" class="mention hashtag" rel="nofollow noopener" target="_blank">#monero</a> transactions that a monero client uses to synchronize with. I believe clients also use them to do transactions? I could be wrong with the transactions part

.:\dGh/:.You have to be shitting me. God I fucking hate npm.I literally spent an hour trying to diagnose why the builder was "freezeing" for several minutes, and it's because it downloads thousands of packages for a project with... 20 dependencies.Fuck NPM. Fuck JavaScript.<a href="https://mastodon.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programming</a> <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.social/tags/Node" class="mention hashtag" rel="nofollow noopener" target="_blank">#Node</a> <a href="https://mastodon.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.social/tags/JS" class="mention hashtag" rel="nofollow noopener" target="_blank">#JS</a> <a href="https://mastodon.social/tags/ECMAScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#ECMAScript</a> <a href="https://mastodon.social/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#NPM</a> <a href="https://mastodon.social/tags/PackageManagers" class="mention hashtag" rel="nofollow noopener" target="_blank">#PackageManagers</a> <a href="https://mastodon.social/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#SoftwareDevelopment</a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a>

Magical CatI am puzzled a bit with all these waves of news about compromised <a href="https://mastodon.online/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> packages and NPM-worm.Is there anything such known to happen within <a href="https://mastodon.online/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#Java</a> ecosystem general and Maven packages catalogue?Asking this <a href="https://mastodon.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> related question as I doing first steps in learning Java and I want to set proper expectations about Java ecosystem security & related risk models.

ChiefGyk3D🚨 npm supply-chain attack alert 🚨 “Shai-Hulud” worm is stealing secrets & spreading via malicious packages. If you use Node/npm, audit now, rotate creds, and check GitHub for signs of compromise.🔗 <a href="https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack" rel="nofollow noopener" translate="no" target="_blank">https://www.wiz.io/blog/shai-hulud-npm-supply-chain-attack</a> <a href="https://social.chiefgyk3d.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://social.chiefgyk3d.com/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://social.chiefgyk3d.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://social.chiefgyk3d.com/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://social.chiefgyk3d.com/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://social.chiefgyk3d.com/tags/shaihulud" class="mention hashtag" rel="nofollow noopener" target="_blank">#shaihulud</a> <a href="https://social.chiefgyk3d.com/tags/coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#coding</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕🧵 …nun noch auf Deutsch (oben englisch) zum JavaScript NPM Hack und wie dies einiges an Web-Software betrifft.»Neuer NPM-Großangriff — Selbst-vermehrende Malware infiziert Dutzende Pakete: Womöglich stecken hinter der Attacke dieselben Angreifer wie beim letzten Mal. Ihr Schadcode trägt den Namen eines prominenten Science-Fiction-Monsters in sich.«😠 <a href="https://www.heise.de/news/Neuer-NPM-Grossangriff-Selbst-vermehrende-Malware-infiziert-Dutzende-Pakete-10651111.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Neuer-NPM-Grossangriff-Selbst-vermehrende-Malware-infiziert-Dutzende-Pakete-10651111.html</a><a href="https://chaos.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://chaos.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://chaos.social/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#typescript</a> <a href="https://chaos.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://chaos.social/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://chaos.social/tags/ts" class="mention hashtag" rel="nofollow noopener" target="_blank">#ts</a> <a href="https://chaos.social/tags/js" class="mention hashtag" rel="nofollow noopener" target="_blank">#js</a> <a href="https://chaos.social/tags/coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#coding</a> <a href="https://chaos.social/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#dev</a> <a href="https://chaos.social/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a>

Bfritz0815Einige sehr oft als dependencies genutzte <a href="https://bark.lgbt/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> Pakete sind kompromittiert:<a href="https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised" rel="nofollow noopener" translate="no" target="_blank">https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised</a>Zeit, die eigenen ".lock" Dateien nach den betroffenen dependencies und von Allem SUB-DEPENDENCIES zu durchsuchen.Auch sinnvoll: package.json hat ein property "overrides", mit dem man pakete mit sicherheitslücken ausschließen kann<a href="https://bark.lgbt/tags/packages" class="mention hashtag" rel="nofollow noopener" target="_blank">#packages</a> <a href="https://bark.lgbt/tags/dependencies" class="mention hashtag" rel="nofollow noopener" target="_blank">#dependencies</a> <a href="https://bark.lgbt/tags/compromised" class="mention hashtag" rel="nofollow noopener" target="_blank">#compromised</a> <a href="https://bark.lgbt/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://bark.lgbt/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://bark.lgbt/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://bark.lgbt/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://bark.lgbt/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://bark.lgbt/tags/npmcompromised" class="mention hashtag" rel="nofollow noopener" target="_blank">#npmcompromised</a> <a href="https://bark.lgbt/tags/yarn" class="mention hashtag" rel="nofollow noopener" target="_blank">#yarn</a> <a href="https://bark.lgbt/tags/bun" class="mention hashtag" rel="nofollow noopener" target="_blank">#bun</a>Please forward <a href="https://chaos.social/@uugrn" class="u-url mention" rel="nofollow noopener" target="_blank">@uugrn</a> <a href="https://chaos.social/@RaumZeitLabor" class="u-url mention" rel="nofollow noopener" target="_blank">@RaumZeitLabor</a>

JdeBPAs someone who has done a fair amount of code dealing with ECMA-35 and ECMA-48, today I discovered that node has a has-ansi package.It is on version 6. It is 7 lines long. It requires 2 other packages. And it is marked beta.There's an entire separate package with a complete infrastructure of its own for a single regular expression.This degree of incohesion is mad.<a href="https://social.treehouse.systems/@ska" class="u-url mention" rel="nofollow noopener" target="_blank">@ska</a> <a href="https://hachyderm.io/@dalias" class="u-url mention" rel="nofollow noopener" target="_blank">@dalias</a> <a href="https://mastodonapp.uk/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://mastodonapp.uk/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://mastodonapp.uk/tags/ECMA48" class="mention hashtag" rel="nofollow noopener" target="_blank">#ECMA48</a>

⚯ Michel de Cryptadamus ⚯the massive <a href="https://universeodon.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> / <a href="https://universeodon.com/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> supply chain hack thankfully seems to have once again been aimed solely at stealing <a href="https://universeodon.com/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#crypto</a> so once again if you don't use crypto you don't have much to worry about.that said getting your <a href="https://universeodon.com/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> downloaded over a billion times is... impressive.details: <a href="https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the" rel="nofollow noopener" translate="no" target="_blank">https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the</a><a href="https://universeodon.com/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://universeodon.com/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#phishing</a>

Alanna 🏳️‍🌈🏳️‍⚧️Oh dear, loads of npm compromises again: <a href="https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised" rel="nofollow noopener" translate="no" target="_blank">https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised</a>😬 <a href="https://mastodon.ie/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://mastodon.ie/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>

Aerofreak | USA WTF?<a href="https://rollenspiel.social/@ArneBab" class="u-url mention" rel="nofollow noopener" target="_blank">@ArneBab</a>Das rechtfertigt nicht das Auslöschen der gesamten palästinensischen Zivilbevölkerung einschließlich neutraler Hilfskräfte und Berichterstatter.<a href="https://hessen.social/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a>

Deutschland<a href="https://www.europesays.com/de/396110/" rel="nofollow noopener" translate="no" target="_blank">https://www.europesays.com/de/396110/</a> Ansetzungen bis Ende November | DFL Deutsche Fußball Liga <a href="https://pubeurope.com/tags/ajax" class="mention hashtag" rel="nofollow noopener" target="_blank">#ajax</a> <a href="https://pubeurope.com/tags/Deutschland" class="mention hashtag" rel="nofollow noopener" target="_blank">#Deutschland</a> <a href="https://pubeurope.com/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#Germany</a> <a href="https://pubeurope.com/tags/http" class="mention hashtag" rel="nofollow noopener" target="_blank">#http</a> <a href="https://pubeurope.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://pubeurope.com/tags/promise" class="mention hashtag" rel="nofollow noopener" target="_blank">#promise</a> <a href="https://pubeurope.com/tags/Sport" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sport</a> <a href="https://pubeurope.com/tags/xhr" class="mention hashtag" rel="nofollow noopener" target="_blank">#xhr</a>

Adrian SegarCan we make better conference chairs? Steelcase is trying with its Node chairs, which can move and swivel.<a href="https://www.conferencesthatwork.com/index.php/event-design/2013/06/better-cconference-chairs" rel="nofollow noopener" translate="no" target="_blank">https://www.conferencesthatwork.com/index.php/event-design/2013/06/better-cconference-chairs</a><a href="https://mastodon.social/tags/meetings" class="mention hashtag" rel="nofollow noopener" target="_blank">#meetings</a> <a href="https://mastodon.social/tags/EventDesign" class="mention hashtag" rel="nofollow noopener" target="_blank">#EventDesign</a> <a href="https://mastodon.social/tags/seating" class="mention hashtag" rel="nofollow noopener" target="_blank">#seating</a> <a href="https://mastodon.social/tags/chairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#chairs</a> <a href="https://mastodon.social/tags/Steelcase" class="mention hashtag" rel="nofollow noopener" target="_blank">#Steelcase</a> <a href="https://mastodon.social/tags/participation" class="mention hashtag" rel="nofollow noopener" target="_blank">#participation</a> <a href="https://mastodon.social/tags/Node" class="mention hashtag" rel="nofollow noopener" target="_blank">#Node</a> <a href="https://mastodon.social/tags/events" class="mention hashtag" rel="nofollow noopener" target="_blank">#events</a> <a href="https://mastodon.social/tags/eventprofs" class="mention hashtag" rel="nofollow noopener" target="_blank">#eventprofs</a>

WordofTheHour<a href="https://mastodon.social/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> : the joint of a stem, or the part where a leaf or several leaves are inserted- French: nœud- German: der Knoten- Italian: nodo- Portuguese: nodo- Spanish: nodo------------Word of The Hour's Annual Survey @ <a href="https://wordofthehour.org/r/form" rel="nofollow noopener" translate="no" target="_blank">https://wordofthehour.org/r/form</a>

BotKit by Fedify :botkit:We're excited to announce the release of <a href="https://github.com/fedify-dev/botkit/releases/tag/0.3.0" rel="nofollow noopener" target="_blank">BotKit 0.3.0</a>! This release marks a significant milestone as <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/BotKit" target="_blank">#BotKit</a> now supports <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/Node" target="_blank">#Node</a>.js alongside <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/Deno" target="_blank">#Deno</a>, making it accessible to a wider audience. The minimum required Node.js version is 22.0.0. This dual-runtime support means you can now choose your preferred <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/JavaScript" target="_blank">#JavaScript</a> runtime while building <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/ActivityPub" target="_blank">#ActivityPub</a> <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/bots" target="_blank">#bots</a> with the same powerful BotKit APIs.One of the most requested features has landed: <a href="https://botkit.fedify.dev/concepts/message#polls" rel="nofollow noopener" target="_blank">poll support</a>! You can now create interactive polls in your <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/bot" target="_blank">#bot</a> messages, allowing followers to vote on questions with single or multiple-choice options. Polls are represented as ActivityPub <code>Question</code> objects with proper expiration times, and your bot can react to votes through the new <a href="https://botkit.fedify.dev/concepts/events#vote" rel="nofollow noopener" target="_blank"><code>onVote</code> event handler</a>. This feature enhances engagement possibilities and brings BotKit to feature parity with major <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/fediverse" target="_blank">#fediverse</a> platforms like Mastodon and Misskey. <pre><code>// Create a poll with multiple choices await session.publish(text`What's your favorite programming language?`, { class: Question, poll: { multiple: true, // Allow multiple selections options: ["JavaScript", "TypeScript", "Python", "Rust"], endTime: Temporal.Now.instant().add({ hours: 24 }), }, }); // Handle votes bot.onVote = async (session, vote) => { console.log(`${vote.actor} voted for "${vote.option}"`); };</code></pre>The web frontend has been enhanced with a new followers page, thanks to the contribution from Hyeonseo Kim (<a translate="no" class="h-card u-url mention" href="https://hackers.pub/@gaebalgom" rel="nofollow noopener" target="_blank">@gaebalgom</a>)! The <code>/followers</code> route now displays a paginated list of your bot's followers, and the follower count on the main profile page is now clickable, providing better visibility into your bot's audience. This improvement makes the web interface more complete and user-friendly.For developers looking for alternative storage backends, we've introduced the <a href="https://botkit.fedify.dev/concepts/repository#sqliterepository" rel="nofollow noopener" target="_blank"><code>SqliteRepository</code></a> through the new <code>@fedify/botkit-sqlite</code> package. This provides a production-ready SQLite-based storage solution with ACID compliance, write-ahead logging (WAL) for optimal performance, and proper indexing. Additionally, the new <a href="https://botkit.fedify.dev/concepts/repository" rel="nofollow noopener" target="_blank"><code>@fedify/botkit/repository</code> module</a> offers <a href="https://botkit.fedify.dev/concepts/repository#memorycachedrepository" rel="nofollow noopener" target="_blank"><code>MemoryCachedRepository</code></a> for adding an in-memory cache layer on top of any <a href="https://botkit.fedify.dev/concepts/repository" rel="nofollow noopener" target="_blank">repository</a> implementation, improving read performance for frequently accessed data.This release also includes an important security update: we've upgraded to <a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/Fedify" target="_blank">#Fedify</a> 1.8.8, ensuring your bots stay secure and compatible with the latest ActivityPub standards. The <a href="https://botkit.fedify.dev/concepts/repository" rel="nofollow noopener" target="_blank">repository pattern</a> has been expanded with new interfaces and types like <code>RepositoryGetMessagesOptions</code>, <code>RepositoryGetFollowersOptions</code>, and proper support for polls storage through the <code>KvStoreRepositoryPrefixes.polls</code> option, providing more flexibility for <a href="https://botkit.fedify.dev/concepts/repository#implementing-a-custom-repository" rel="nofollow noopener" target="_blank">custom implementations</a>.<a class="mention hashtag" rel="nofollow noopener" href="https://hollo.social/tags/fedidev" target="_blank">#fedidev</a>

⚯ Michel de Cryptadamus ⚯2/ i wrote a short-ish "note" over on The Blogging Site That Shall Not Be Named in an attempt to explain to the less technologically sophisticated people in the audience what just happened with the <a href="https://universeodon.com/tags/nx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nx</a> / <a href="https://universeodon.com/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> supply chain attack.* my simplified explanation: <a href="https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571" rel="nofollow noopener" translate="no" target="_blank">https://substack.com/profile/96801203-michel-de-cryptadamus/note/c-149738571</a> * for the trve heads with opinions on linux distros wiz wrote a much more thorough explanation: <a href="https://www.wiz.io/blog/s1ngularity-supply-chain-attack" rel="nofollow noopener" translate="no" target="_blank">https://www.wiz.io/blog/s1ngularity-supply-chain-attack</a><a href="https://universeodon.com/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#crypto</a> <a href="https://universeodon.com/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptocurrency</a> <a href="https://universeodon.com/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://universeodon.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://universeodon.com/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#threatintel</a> <a href="https://universeodon.com/tags/northkorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#northkorea</a> <a href="https://universeodon.com/tags/lazarusgroup" class="mention hashtag" rel="nofollow noopener" target="_blank">#lazarusgroup</a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener" target="_blank">#DPRK</a> <a href="https://universeodon.com/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackers</a> <a href="https://universeodon.com/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://universeodon.com/tags/ethereum" class="mention hashtag" rel="nofollow noopener" target="_blank">#ethereum</a>

⚯ Michel de Cryptadamus ⚯everyone calm down, the enormous <a href="https://universeodon.com/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#NPM</a> supply chain attack of the incredibly popular (27,000 <a href="https://universeodon.com/tags/github" class="mention hashtag" rel="nofollow noopener" target="_blank">#github</a> stars) <a href="https://universeodon.com/tags/nx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nx</a> <a href="https://universeodon.com/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> build tool thingamajig is probably aimed solely at crypto bros. if you don't have any crypto you (hopefully) don't have anything to worry about.my fact free, completely unsupported by evidence hunch is that we will find this came from <a href="https://universeodon.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#NorthKorea</a> (because if it's a well orchestrated attempt to steal a bunch of crypto it's pretty much always north korea).<a href="https://universeodon.com/@cryptadamist/115102035321832152" rel="nofollow noopener" translate="no" target="_blank">https://universeodon.com/@cryptadamist/115102035321832152</a><a href="https://universeodon.com/tags/crypto" class="mention hashtag" rel="nofollow noopener" target="_blank">#crypto</a> <a href="https://universeodon.com/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener" target="_blank">#cryptocurrency</a> <a href="https://universeodon.com/tags/ethereum" class="mention hashtag" rel="nofollow noopener" target="_blank">#ethereum</a> <a href="https://universeodon.com/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://universeodon.com/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://universeodon.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://universeodon.com/tags/js" class="mention hashtag" rel="nofollow noopener" target="_blank">#js</a> <a href="https://universeodon.com/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://universeodon.com/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://universeodon.com/tags/DPRK" class="mention hashtag" rel="nofollow noopener" target="_blank">#DPRK</a> <a href="https://universeodon.com/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener" target="_blank">#LazarusGroup</a> <a href="https://universeodon.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://universeodon.com/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://universeodon.com/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#threatintel</a> <a href="https://universeodon.com/tags/claude" class="mention hashtag" rel="nofollow noopener" target="_blank">#claude</a> <a href="https://universeodon.com/tags/gemini" class="mention hashtag" rel="nofollow noopener" target="_blank">#gemini</a>

steve mookie kongLong live <?php <a href="https://racingbunny.com/tags/php" class="mention hashtag" rel="nofollow noopener" target="_blank">#php</a> <a href="https://racingbunny.com/tags/asp" class="mention hashtag" rel="nofollow noopener" target="_blank">#asp</a> <a href="https://racingbunny.com/tags/coldfusion" class="mention hashtag" rel="nofollow noopener" target="_blank">#coldfusion</a> <a href="https://racingbunny.com/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> <a href="https://racingbunny.com/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://racingbunny.com/tags/django" class="mention hashtag" rel="nofollow noopener" target="_blank">#django</a> <a href="https://racingbunny.com/tags/rubyonrails" class="mention hashtag" rel="nofollow noopener" target="_blank">#rubyonrails</a>

Carlo Zottmann<a href="https://norden.social/tags/node" class="mention hashtag" rel="nofollow noopener" target="_blank">#node</a> has come quite a long way! Informative read:> Modern Node.js Patterns for 2025<a href="https://kashw1n.com/blog/nodejs-2025/" rel="nofollow noopener" translate="no" target="_blank">https://kashw1n.com/blog/nodejs-2025/</a>

Recent searches

Search options

Administered by:

Server stats:

#node