I got hacked a week ago. I did pretty extensive technical research on how they pulled it off and what I (/we) can try to prevent this from happening in the future, or at least minimise the scope as much as possible.
I hope this will help a few others, either by bringing more attention to how vulnerable the whole Node.js ecosystem is or just to help more people become aware how attackers try to play you.
I hope this will help a few others, either by bringing more attention to how vulnerable the whole Node.js ecosystem is or just to help more people become aware how attackers try to play you.