npm Fiasco. Malware that Steals Bitcoin
2018-11-27 npm's fiasco. A malware that steals bitcoin, hidden in a package named flatmap-stream. It's used by Angular, Vue, Bootstrap. Basically all websites you visit use it. The npm malware has been downloaded 8 million times
From the few incidents i've seen over the years, i find the npm's leader, Isaac Z Schlueter to be a power hungry skum. And JavaScript coders tend to be milengen idiots that r pillar of the sj stuff in programing community. Also, in js land, 5 lines of code is a package. [see npm Disease]
You wonder, why in JavaScript land 5 lines is a package? I haven't looked in depth, but i think:
- JavaScript is really bad lang and no standard libraries.
- New gen of programers is a lot less capable, since ~2010.
- Npm leader Isaac Z Schlueter designed the rules to max npm popularity.



Python Lib Malware 2017-09
apparently, this happened to python recently

