MastodonTech.de

Wervice 🦀Seeing the recent events going on with <a href="https://fosstodon.org/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> I removed node from my computer for now.It think, who ever is doing those attacks really doesn't care a bit about the maintainers behind the packages.What do you think about this?<a href="https://fosstodon.org/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a>

MrB33nThe Hidden Fragility: Supply Chain Security in Open Source (RubyGems, NPM, PyPI)<a href="https://comuniq.xyz/post?t=340" rel="nofollow noopener" translate="no" target="_blank">https://comuniq.xyz/post?t=340</a> <a href="https://mastodon.social/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#tech</a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#technology</a> <a href="https://mastodon.social/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacker</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>

Johannes SchnattererTLDR recent <a href="https://floss.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> supply chain attacks🗓️ 26 Aug: <a href="https://floss.social/tags/nx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nx</a> packages compromised stealing SSH keys, npm tokens, and .gitconfig files and weaponized AI CLI tools 😱 upload to repo named <a href="https://floss.social/tags/S1ngularity" class="mention hashtag" rel="nofollow noopener" target="_blank">#S1ngularity</a> HackerNews: <a href="https://news.ycombinator.com/item?id=45034496" rel="nofollow noopener" translate="no" target="_blank">https://news.ycombinator.com/item?id=45034496</a> GHSA-cxm3-wv7p-598c: <a href="https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7p-598c" rel="nofollow noopener" translate="no" target="_blank">https://github.com/nrwl/nx/security/advisories/GHSA-cxm3-wv7p-598c</a>🗓️ 8 Sep: <a href="https://floss.social/tags/chalk" class="mention hashtag" rel="nofollow noopener" target="_blank">#chalk</a>, <a href="https://floss.social/tags/debugjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#debugjs</a> and other packages by maintainer <a href="https://floss.social/tags/qix" class="mention hashtag" rel="nofollow noopener" target="_blank">#qix</a> (junon) compromised. They handled this very transparently 👍️ See HackerNews: <a href="https://news.ycombinator.com/item?id=45169794" rel="nofollow noopener" translate="no" target="_blank">https://news.ycombinator.com/item?id=45169794</a> CVE-2025-59144: <a href="https://github.com/advisories/GHSA-4x49-vf9v-38px" rel="nofollow noopener" translate="no" target="_blank">https://github.com/advisories/GHSA-4x49-vf9v-38px</a>

JacketAfter the 3, yes, THREE! Dependency attacks using <a href="https://tech.lgbt/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>, 1: please lock your version and run tools to figure out if you have vulnerabilities in you dependencies.2: Maybe integrating the most used functionality in the language is a good thing instead of relying on a million deps like in <a href="https://tech.lgbt/tags/javascipt" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascipt</a> or <a href="https://tech.lgbt/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#python</a>.

Scott WilsonMore about the npm “worm”, from Palo Alto’s Unit 42 threat intelligence team: “Assume that any secret present on a developer's machine may have been compromised.”That’s a big deal. <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://infosec.exchange/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://infosec.exchange/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SBOM</a> <a href="https://infosec.exchange/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#software</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a><a href="https://unit42.paloaltonetworks.com/npm-supply-chain-attack/" rel="nofollow noopener" translate="no" target="_blank">https://unit42.paloaltonetworks.com/npm-supply-chain-attack/</a>

Scott WilsonLots of people are asking why the npm and Node.js thing are so dangerous… There are “over 3.1 million packages are available in the main npm registry”, and there’s no mechanism to review or approve the packages. 🤔<a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://infosec.exchange/tags/nodejs" class="mention hashtag" rel="nofollow noopener" target="_blank">#nodejs</a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#software</a> <a href="https://infosec.exchange/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#SBOM</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕Aikido Safe ChainThe Aikido Safe Chain prevents developers from installing malware on their workstations through npm, npx, yarn, pnpm and pnpx. It's free to use and does not require any token.✅ <a href="https://www.npmjs.com/package/@aikidosec/safe-chain" rel="nofollow noopener" translate="no" target="_blank">https://www.npmjs.com/package/@aikidosec/safe-chain</a><a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://chaos.social/tags/javasript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javasript</a> <a href="https://chaos.social/tags/savechain" class="mention hashtag" rel="nofollow noopener" target="_blank">#savechain</a> <a href="https://chaos.social/tags/aikido" class="mention hashtag" rel="nofollow noopener" target="_blank">#aikido</a> <a href="https://chaos.social/tags/js" class="mention hashtag" rel="nofollow noopener" target="_blank">#js</a> <a href="https://chaos.social/tags/ts" class="mention hashtag" rel="nofollow noopener" target="_blank">#ts</a> <a href="https://chaos.social/tags/webdev" class="mention hashtag" rel="nofollow noopener" target="_blank">#webdev</a> <a href="https://chaos.social/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#typescript</a> <a href="https://chaos.social/tags/npmjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#npmjs</a> <a href="https://chaos.social/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://chaos.social/tags/itsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#itsecurity</a> <a href="https://chaos.social/tags/npmhell" class="mention hashtag" rel="nofollow noopener" target="_blank">#npmhell</a> <a href="https://chaos.social/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://chaos.social/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackers</a> <a href="https://chaos.social/tags/npx" class="mention hashtag" rel="nofollow noopener" target="_blank">#npx</a> <a href="https://chaos.social/tags/yarn" class="mention hashtag" rel="nofollow noopener" target="_blank">#yarn</a> <a href="https://chaos.social/tags/pnpm" class="mention hashtag" rel="nofollow noopener" target="_blank">#pnpm</a> <a href="https://chaos.social/tags/pnpx" class="mention hashtag" rel="nofollow noopener" target="_blank">#pnpx</a> <a href="https://chaos.social/tags/bun" class="mention hashtag" rel="nofollow noopener" target="_blank">#bun</a>

Sascha Presnac 🙄🤦‍♂️Got some proposals for renaming the <a href="https://mastodon.online/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> commands:`npm pray install xyz` `npm dare update` `npm maybe install xyz`

.:\dGh/:.You have to be shitting me. God I fucking hate npm.I literally spent an hour trying to diagnose why the builder was "freezeing" for several minutes, and it's because it downloads thousands of packages for a project with... 20 dependencies.Fuck NPM. Fuck JavaScript.<a href="https://mastodon.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programming</a> <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.social/tags/Node" class="mention hashtag" rel="nofollow noopener" target="_blank">#Node</a> <a href="https://mastodon.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.social/tags/JS" class="mention hashtag" rel="nofollow noopener" target="_blank">#JS</a> <a href="https://mastodon.social/tags/ECMAScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#ECMAScript</a> <a href="https://mastodon.social/tags/NPM" class="mention hashtag" rel="nofollow noopener" target="_blank">#NPM</a> <a href="https://mastodon.social/tags/PackageManagers" class="mention hashtag" rel="nofollow noopener" target="_blank">#PackageManagers</a> <a href="https://mastodon.social/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#SoftwareDevelopment</a> <a href="https://mastodon.social/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDevelopment</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a>

Inautilo<a href="https://mastodon.social/tags/Development" class="mention hashtag" rel="nofollow noopener" target="_blank">#Development</a> <a href="https://mastodon.social/tags/Analyses" class="mention hashtag" rel="nofollow noopener" target="_blank">#Analyses</a> Oh no, not again... · “NPM has become the easiest way to ship malware.” <a href="https://ilo.im/166ych" rel="nofollow noopener" translate="no" target="_blank">https://ilo.im/166ych</a>_____ <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#GitHub</a> <a href="https://mastodon.social/tags/Npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#Npm</a> <a href="https://mastodon.social/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a> <a href="https://mastodon.social/tags/Frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Frontend</a> <a href="https://mastodon.social/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Backend</a>

GripNews🌗 npm 供應鏈攻擊事件深入解析：<a href="https://mastodon.social/@ctrl" class="u-url mention" rel="nofollow noopener" target="_blank">@ctrl</a>/tinycolor 套件遭惡意推送 ➤ 揭露 npm 供應鏈攻擊的技術細節與防範之道 ✤ <a href="https://sigh.dev/posts/ctrl-tinycolor-post-mortem/" rel="nofollow noopener" translate="no" target="_blank">https://sigh.dev/posts/ctrl-tinycolor-post-mortem/</a> 本文作者 Scott Cooper 深入剖析了其維護的 <a href="https://mastodon.social/@ctrl" class="u-url mention" rel="nofollow noopener" target="_blank">@ctrl</a>/tinycolor 套件遭受npm供應鏈攻擊的事件。攻擊者利用共享儲存庫的權限漏洞，透過惡意 GitHub Actions 工作流程竊取了具有廣泛發布權限的 npm 權杖，並藉此推送了包含惡意後門的套件版本。作者強調自身帳號和儲存庫並未直接被入侵，也未使用受感染的套件。事件發生後，GitHub 和 npm 安全團隊迅速採取行動，下架了惡意版本，作者也重新發布了乾淨版本以恢復信任。文章並探討了現有發布機制的不足，並提出了未來安全發布的改進建議，例如採用 npm 的 Trusted Publishing (OIDC) 及加強 2FA 驗證。 + 這篇文章解釋得很清楚，幸好作者和安全團隊反應快，不 <a href="https://mastodon.social/tags/%E4%BE%9B%E6%87%89%E9%8F%88%E6%94%BB%E6%93%8A" class="mention hashtag" rel="nofollow noopener" target="_blank">#供應鏈攻擊</a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#GitHub</a> Actions <a href="https://mastodon.social/tags/%E5%AE%89%E5%85%A8%E6%80%A7" class="mention hashtag" rel="nofollow noopener" target="_blank">#安全性</a> <a href="https://mastodon.social/tags/TypeScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#TypeScript</a>

Evan Hahn"A better future for JavaScript that won't happen" <a href="https://drewdevault.com/2025/09/17/2025-09-17-An-impossible-future-for-JS.html" rel="nofollow noopener" translate="no" target="_blank">https://drewdevault.com/2025/09/17/2025-09-17-An-impossible-future-for-JS.html</a><a href="https://bigshoulders.city/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://bigshoulders.city/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://bigshoulders.city/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://bigshoulders.city/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a>

Kevin Karhan :verified:<a href="https://infosec.exchange/@technadu" class="u-url mention" rel="nofollow noopener" target="_blank">@technadu</a> After <a href="https://infosec.space/tags/CrowdStroke" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdStroke</a> it should be clear that <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdStrike</a> isn't a "trustworthy brand"...<ul><li>Granted everyone who thinks 3rd party <a href="https://infosec.space/tags/rootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#rootkits</a> like CrowdStrike in a <a href="https://infosec.space/tags/CCSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#CCSS</a> <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Govware</a> masquerading as an <a href="https://infosec.space/tags/OS" class="mention hashtag" rel="nofollow noopener" target="_blank">#OS</a> (<a href="https://infosec.space/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#windows</a>) is a valid security strategy should not be trusted even with a light switch or plastic fork.</li></ul>also <a href="https://infosec.space/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> sucks!

Christian NollNew NPM attack: Self-replicating malware infects dozens of packages - By Christopher Kunz<a href="https://www.heise.de/en/news/New-NPM-attack-Self-replicating-malware-infects-dozens-of-packages-10652404.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/New-NPM-attack-Self-replicating-malware-infects-dozens-of-packages-10652404.html</a><a href="https://mas.to/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://mas.to/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://mas.to/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://mas.to/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a>

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<a href="https://muenchen.social/@olafke" class="u-url mention" rel="nofollow noopener" target="_blank">@olafke</a> da Unmengen an Webdienste u.a. auf diesen JS-Libs aufbauen sind ebenso viele betroffen.»Millionen von Downloads — Schadcode in über 40 NPM-Pakete eingeschleust: Angreifer haben es erneut geschafft, mehrere NPM-Pakete mit einer Malware zu verseuchen. Diese sucht auf Entwicklersystemen nach Anmeldedaten.«👉 <a href="https://www.golem.de/news/millionen-von-downloads-schadcode-in-ueber-40-npm-pakete-eingeschleust-2509-200119.html" rel="nofollow noopener" translate="no" target="_blank">https://www.golem.de/news/millionen-von-downloads-schadcode-in-ueber-40-npm-pakete-eingeschleust-2509-200119.html</a> :mastodon: Pakete: <a href="https://chaos.social/@kubikpixel/115215475805921206" rel="nofollow noopener" translate="no" target="_blank">https://chaos.social/@kubikpixel/115215475805921206</a><a href="https://chaos.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> <a href="https://chaos.social/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://chaos.social/tags/download" class="mention hashtag" rel="nofollow noopener" target="_blank">#download</a> <a href="https://chaos.social/tags/js" class="mention hashtag" rel="nofollow noopener" target="_blank">#js</a> <a href="https://chaos.social/tags/ts" class="mention hashtag" rel="nofollow noopener" target="_blank">#ts</a> <a href="https://chaos.social/tags/typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#typescript</a> <a href="https://chaos.social/tags/anmeldung" class="mention hashtag" rel="nofollow noopener" target="_blank">#anmeldung</a> <a href="https://chaos.social/tags/daten" class="mention hashtag" rel="nofollow noopener" target="_blank">#daten</a> <a href="https://chaos.social/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://chaos.social/tags/internet" class="mention hashtag" rel="nofollow noopener" target="_blank">#internet</a>

1.44 MBIt seems to me that <a href="https://mastodon.social/tags/Deno" class="mention hashtag" rel="nofollow noopener" target="_blank">#Deno</a> has an advantage over <a href="https://mastodon.social/tags/QuickJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#QuickJS</a> as far as co-existing with <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>, and I like <a href="https://mastodon.social/tags/rollupjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#rollupjs</a>. Plus, you don't need an ecosystem, just the monolithic binary. Yes, I know what is behind Deno, <a href="https://mastodon.social/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#rust</a>, <a href="https://mastodon.social/tags/v8" class="mention hashtag" rel="nofollow noopener" target="_blank">#v8</a> and all of that. In many ways it is a compromise of mine.

Mirko SwillusI just got rickrolled looking for the <a href="https://chaos.social/tags/shaihulud" class="mention hashtag" rel="nofollow noopener" target="_blank">#shaihulud</a> <a href="https://chaos.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a> worm: <a href="https://github.com/janit/Shai-Hulud/blob/main/data.json" rel="nofollow noopener" translate="no" target="_blank">https://github.com/janit/Shai-Hulud/blob/main/data.json</a>(remember, double base64).

Cybso :progress::anti_nazi:Der dritte <a href="https://osna.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>-Angriff in was, drei Wochen?<a href="https://www.golem.de/news/hunderte-npm-pakete-betroffen-ein-wurm-frisst-sich-durch-das-javascript-oekosystem-2509-200162.html" rel="nofollow noopener" translate="no" target="_blank">https://www.golem.de/news/hunderte-npm-pakete-betroffen-ein-wurm-frisst-sich-durch-das-javascript-oekosystem-2509-200162.html</a>Verpflichtendes Package-Signing durch Maintainer, wann?

Marcel SIneM(S)USNeuer <a href="https://social.tchncs.de/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>-Großangriff: Hunderte Pakete mit selbst-vermehrender <a href="https://social.tchncs.de/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> infiziert | Security <a href="https://www.heise.de/news/Neuer-NPM-Grossangriff-Selbst-vermehrende-Malware-infiziert-Dutzende-Pakete-10651111.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Neuer-NPM-Grossangriff-Selbst-vermehrende-Malware-infiziert-Dutzende-Pakete-10651111.html</a> <a href="https://social.tchncs.de/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://social.tchncs.de/tags/worm" class="mention hashtag" rel="nofollow noopener" target="_blank">#worm</a> <a href="https://social.tchncs.de/tags/NodePackageManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodePackageManager</a>

TechNadu🚨 Multiple CrowdStrike npm packages compromised in Shai-Hulud supply chain attack.⚠️ 187 packages infected ⚠️ Malware steals creds via TruffleHog ⚠️ 477 packages flagged in total<a href="https://www.technadu.com/multiple-crowdstrike-npm-packages-targeted-in-supply-chain-attack-as-attack-surface-expands/609810/" rel="nofollow noopener" translate="no" target="_blank">https://www.technadu.com/multiple-crowdstrike-npm-packages-targeted-in-supply-chain-attack-as-attack-surface-expands/609810/</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#SupplyChain</a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#npm</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#npm