@esbuild-kit/* packages on NPM Seems Hacked not sure where to report this, so I will post it on HN. I got the following warn from two esbuild packages """ npm warn deprecated @esbuild-kit/core-utils@3.3.2: Merged into tsx: https://tsx.is npm warn deprecated @esbuild-kit/esm-loader@2.6.5: Merged into tsx: https://tsx.is """ where tsx.is is apparently leads hijacked some attacker site that got paid for each visit. I'm confused if tsx.is domain is hacked, or the package is hacked. Anyone? |
No comments yet