Skip to content

Commit a4ea441

Browse files
tannerlinsleytannerlinsley
authored
Apply suggestion from @tannerlinsley 
1 parent bba6958 commit a4ea441

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

src/blog/incident-followup.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ authors:
1010
- Tanner Linsley
1111
---
1212

13-
This week, fourteen of our packages were quietly republished to npm with malware baked in. None of us authored those releases. None of us approved them. By the time the first report landed in our issue tracker, the malicious versions had already been sitting on the registry for a while.
13+
This week, fourteen of our packages were quietly republished to npm with malware baked in. None of us authored those releases. None of us approved them. By the time the first report landed in our issue tracker, the malicious versions had already been sitting on the registry for ~20 minutes.
1414

1515
We've already published [the full incident postmortem](/blog/npm-supply-chain-compromise-postmortem), and if you want the timeline, the attack chain, the exact package list, the IOCs, and the "what to do if you installed a bad version" guidance, that's the source of truth. Read that first.
1616

0 commit comments

Comments
 (0)