Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

GitHub confirmed that it's indeed the nx console extension, in their blog post: https://github.blog/security/investigating-unauthorized-acce...


Nrwl are right to be sceptical about Microsoft’s published download numbers for the compromised extension. Given that my machine downloaded it a full two hours after it was supposedly unpublished.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: