We All Dodged a Bullet
We all dodged a bullet Published on 2025-09-09, 971 words, 4 minutes to read That NPM attack could have been so much worse. CadeyThis post and its online comment sections are blame-free zones. We are not blaming anyone for clicking on the phishing link. If you were targeted with such a phishing attack, you’d fall for it too and it’s a matter of when not if. Anyone who claims they wouldn’t is wrong.This is also a bit of a rant. Yesterday one of the biggest package ecosystems had very popular packages get compromised. We’re talking functionality like: Formatting text with colors for use in the terminal A list of common color names and their RGB values A decorator for functions so you can debug their inputs/outputs as they are run A utility function that determines if its…
