The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address. This affects some large projects [@bantg, Twitter]

TheAnonymouseJoker@lemmy.ml · 3 years ago

The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address. This affects some large projects [@bantg, Twitter]

murtaza64@programming.dev · 1 year ago

In the statement from the NGO they threaten legal action. Is there grounds/precedent for such a thing? Don’t you use open source code at your own risk?

Kerb@discuss.tchncs.de · 1 year ago

im of course not a lawyer,
but id expect that there might be a diffrence between stuff breaking or not working as expected, and what sounds like intentional sabotage

TheAnonymouseJoker@lemmy.ml · 1 year ago

Node-ipc is used in way too many places.

The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address. This affects some large projects [@bantg, Twitter]

The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address. This affects some large projects [@bantg, Twitter]

banteg (@bantg)