I just made a very similar comment. Spot on. It's laughable to think that this t... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jongjong 37 days ago \| parent \| context \| favorite \| on: We all dodged a bullet I just made a very similar comment. Spot on. It's laughable to think that this trivial opportunity that literally any developer could pull off with a couple of thousand dollars is a one-in-a-million. North Korea probably has enough money to buy up a significant percentage of all popular npm dependencies and most people would sell willingly and unwittingly. In the case of North Korea, it's really crazy because hackers over there can do this legally in their own country, with the support of their government! And most popular npm developers are broke.

tonyhart7 37 days ago [–]

actually, unless you are billionaire or high profile individual

You wouldn't get targeted not because they cant but its not worth it

many state sponsored attack is well documented in a lot of book that people can read they don't want to add much record because its create buzz

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact