70% of new NPM packages in last 6 months were spam
In April of this year, the Phylum Research Team revealed the proliferation of spam packages in npm associated with the Tea protocol, a decentralized initiative that promises to compensate software developers in cryptocurrency for their open-source contributions. Like the island of discarded plastic twice the size of Texas floating in the North Pacific Ocean, npm has accrued an astonishing number of spam packages over the past six months. Just as early SEO spammers figured out how to game PageRank for their benefit, history is repeating itself: a few software developers have spammed open-source repositories with absurd numbers of worthless packages.