| ||Unpkg.com hacked?|
20 points by benaiah on April 13, 2017 | hide | past | favorite | 13 comments |
|I've checked on both my local machine and on a VPS I run, and the following URL is 302 redirecting to a malicious JS script which pops up a confirmation window and then redirects to ads:|
SOURCE URL: https://unpkg.com/react@latest/dist/react.js
MALICIOUS REDIRECT: https://compliance-jessica.xyz/a.php
This is the URL recommended for in-browser development use by https://facebook.github.io/react/docs/installation.html
Can anyone else replicate this?
| Apply to YC