github.blog
2 votes robocop — 2 votes, 2 commentsSource

This vulnerability existed in the npm registry beyond the timeframe for which we have telemetry to determine whether it has ever been exploited maliciously.

dafuq? Just re-install every system that used npm in the past.

ahah what a mess XD But why is it always npm?