Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
downrightmike
9mo ago
0 comments
Save
Share
The NPM breach was an email that stated the dev needed to update their MFA by the next day in order to keep their access.
If you're arguing that is what ruby central should have done, that's a social engineering attack.
0 comments
2 comments · 2 top-level
top
newest
oldest
mrinterweb
9mo ago
How would a heads up email look like a phishing email? Blindsiding the maintainers like this is just cruel.
loloquwowndueo
9mo ago
It’s entirely possible to distinguish between legit internal communication and a phishing email. (It gets harder and harder every day but ultimately still possible)
j
/
k
navigate · click thread line to collapse
