lemmy_in@lemm.ee to Cybersecurity@sh.itjust.works • Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers’ Systems (English)
10 · 17 days ago

In my (non-expert) opinion, there are a few reasons:
- NPM is more popular than those other services by an order of magnitude, especially among new developers and startups.
- NPM allows for code to be executed while you install the package, which is different from Maven or NuGet and allows for easy exploitation paths.
Pick a popular online service with a public API and write some scripts that integrate with them. Learn by doing.
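
On the point above that npm runs package code during installation: the following is an added example, not part of the original comments, showing how a dependency tree can be audited for install-time hooks before anything is installed. The package names, the `{ manifest, files }` input shape and the allowlist are constructed for illustration.

```javascript
// Added example: report dependencies that make npm execute code at install time.
// Lifecycle scripts npm runs when a dependency is installed.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// pkg (assumed shape): { manifest: parsed package.json, files: names in the package root }
function installTimeCommands(pkg) {
  const scripts = (pkg.manifest && pkg.manifest.scripts) || {};
  const found = [];
  for (const hook of INSTALL_HOOKS) {
    if (typeof scripts[hook] === "string" && scripts[hook].trim() !== "") {
      found.push({ hook, command: scripts[hook] });
    }
  }
  // Edge case: with a binding.gyp in the package root and no install or
  // preinstall script, npm defaults the install step to `node-gyp rebuild`.
  const hasGyp = (pkg.files || []).includes("binding.gyp");
  if (hasGyp && !scripts.install && !scripts.preinstall) {
    found.push({ hook: "install (implicit)", command: "node-gyp rebuild" });
  }
  return found;
}

// Returns every package with install-time commands that is not on the reviewed allowlist.
function auditTree(packages, allowlist = []) {
  const report = [];
  for (const pkg of packages) {
    const commands = installTimeCommands(pkg);
    if (commands.length > 0 && !allowlist.includes(pkg.manifest.name)) {
      report.push({ name: pkg.manifest.name, version: pkg.manifest.version, commands });
    }
  }
  return report;
}

// Constructed sample tree (hypothetical package names).
const SAMPLE_TREE = [
  { manifest: { name: "plain-lib", version: "1.0.0", scripts: { test: "node test.js" } }, files: ["index.js"] },
  { manifest: { name: "hooked-lib", version: "0.3.1", scripts: { postinstall: "node setup.js" } }, files: ["index.js", "setup.js"] },
  { manifest: { name: "native-addon", version: "2.1.0" }, files: ["binding.gyp", "src"] },
  { manifest: { name: "reviewed-lib", version: "4.0.0", scripts: { install: "node build.js" } }, files: ["build.js"] },
];

console.log(JSON.stringify(auditTree(SAMPLE_TREE, ["reviewed-lib"]), null, 2));
```

Running `npm install --ignore-scripts`, or setting `ignore-scripts=true` in `.npmrc`, stops npm from executing these hooks, at the cost of breaking packages that need a build step.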