Posted by universesquid 9/8/2025

NPM debug and chalk packages compromised (www.aikido.dev)
https://github.com/advisories/GHSA-8mgj-vmr8-frr6
1372 points | 757 comments
MrContent04 9/9/2025|
Incidents like this show how fragile the supply chain really is. One compromised maintainer account can affect thousands of projects. We need better defaults for package signing + automated trust checks, otherwise we’ll just keep repeating the same cycle.
pavlov 9/8/2025||
The malware steals crypto in end-user browsers.

Another one for “web3 is going great”…

goku12 9/8/2025|
I dislike web3 and the overuse of crypto as much as you do. But look at the nature of the exploit. It isn't limited to crypto or web3. There are other secrets and sensitive information that browsers regularly hold in their memory. What about them?
jowea 9/8/2025||
Yeah cryptoassets are probably just the easiest thing to monetize.
bpavuk 9/8/2025||
I'll come back to this thread when someone asks me why I hate JavaScr*pt yet again. This will be one of a thousand links.
albi05 9/8/2025||
"B-b-but passkeys are inconvenient"
herpdyderp 9/8/2025|
I must admit I was wary of them at first but now I use them on everything I can and it's more convenient.
nixosbestos 9/8/2025|
Cough passkeys would've prevented this.