You may have already seen this, @Gargron (github.com/dominictarr/event-s) but it appears that Mastodon includes some NPM libraries discovered today to be backdoored (for some time apparently)

@jerry Mastodon includes 0.1.0 of the flatmap package. The affected version is 0.1.1 as I understand

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.