A protest via a developer against Russia’s invasion of Ukraine has turned into a supply chain attack in a popular JavaScript developer module. Detailed Wednesday by researchers at Snyk Ltd., the bizarre tale starts on March 8 with developer Brandon Nozaki Miller, who wrote source code and published an “npm” software module called “peacenotwar.” The notes with the module claim that it serves as a nondestructive example of why controlling node modules is important and as a protest against Russia.
Read full article on SiliconANGLE