← Back to context Comment by eranation 25 days ago These get detected almost immediately, and removed by npm within hours (axios, tanstack at least) 4 comments eranation Reply Hackbraten 25 days ago But who will detect them on day one once everyone ignores them for seven days? bakkoting 24 days ago These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages. eranation 24 days ago There are some companies that specialize in detecting those, they do it for free (and get lots of marketing for it…) aoeusnth1 24 days ago AI agents
Hackbraten 25 days ago But who will detect them on day one once everyone ignores them for seven days? bakkoting 24 days ago These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages. eranation 24 days ago There are some companies that specialize in detecting those, they do it for free (and get lots of marketing for it…) aoeusnth1 24 days ago AI agents
bakkoting 24 days ago These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages.
eranation 24 days ago There are some companies that specialize in detecting those, they do it for free (and get lots of marketing for it…)
But who will detect them on day one once everyone ignores them for seven days?
These things are usually caught by tools specifically scanning npm or by the maintainers noticing their account is compromised, not by people auditing their own installed packages.
There are some companies that specialize in detecting those, they do it for free (and get lots of marketing for it…)
AI agents