🚨 The authors of node-ipc have pushed malware in an update, which wipes your disk if you happen to have Russian or Belorussian IP address.
This affects some large projects like Vue CLI where it is a dependency.
https://github.com/RIAEvangelist/node-ipc/issues/233
It does not actually wipe your disk, it just places a file on the users desktop. It seems the author originally wanted to wipe the users disk, but decided against it. Shit like this is a great reason to always pin your dependencies and do your research before upgrading them.
It does not actually wipe your disk, it just places a file on the users desktop. It seems the author originally wanted to wipe the users disk, but decided against it. Shit like this is a great reason to always pin your dependencies and do your research before upgrading them.