don’t upgrade your npm dependencies today, at all. Just don’...

npub137c5pd8gmhhe0njtsgwjgunc5xjr2vmzvglkgqs5sjeh972gqqxqjak37w

hex

d5a6a7e4e94899d17c4f4916e8406451111d06a40fee245f1fde58b8ff20d13d

nevent

nevent1qqsdtf48un553xw30385j9hggpj9zygaq6jqlm3ytu0auk9clusdz0gprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgsglv2qkn5dmmuhee9cy8fywfu2rfp4xd3xy0myqg2gfvmjl9yqqrqrstm9m

Kind-1 (TextNote)

2026-03-31T06:34:11Z

don’t upgrade your npm dependencies today, at all. Just don’t.

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

Raw JSON

{
  "kind": 1,
  "id": "d5a6a7e4e94899d17c4f4916e8406451111d06a40fee245f1fde58b8ff20d13d",
  "pubkey": "8fb140b4e8ddef97ce4b821d247278a1a4353362623f64021484b372f948000c",
  "created_at": 1774938851,
  "tags": [
    [
      "r",
      "https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan"
    ]
  ],
  "content": "don’t upgrade your npm dependencies today, at all. Just don’t.\n\nhttps://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan",
  "sig": "47da8e4dd3855b2107c3daa7ab1086292b9010c8e45cdab711a50c85911f8d04e18244511fff1a757d34b207a88696d8747f231a1e34ca52b61b63335196d667"
}