New week, new HUGE supply chain attack. Likely still ongoing, MANY packages are affected.
I take a look at what's happening and do a deep dive analysis.
TanStack Post Mortem: https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
Socket.dev analysis (incl. recommended actions): https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack
Mistral affected: https://x.com/AikidoSecurity/status/2053974705795989906
MORE packages affected: https://x.com/AikidoSecurity/status/2053990513280475405
Spread to Python: https://x.com/SocketSecurity/status/2054048025081737446
How to protect: https://www.youtube.com/watch?v=Fs6YDVJq5As
Website: https://maximilian-schwarzmueller.com/