This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-04-16
Channels
- # announcements (2)
- # asami (5)
- # babashka (52)
- # beginners (42)
- # biff (3)
- # cljdoc (4)
- # cljsrn (2)
- # clojure (30)
- # clojure-austin (35)
- # clojure-dev (3)
- # clojure-france (11)
- # clojurescript (36)
- # conjure (6)
- # cursive (5)
- # fulcro (33)
- # graalvm (41)
- # lsp (54)
- # malli (1)
- # music (2)
- # off-topic (7)
- # overtone (1)
- # pedestal (5)
- # polylith (2)
- # remote-jobs (1)
- # sci (28)
- # shadow-cljs (38)
- # vim (15)
- # web-security (1)
- # xtdb (8)
> GitHub Security identified unauthorized access to our npm production infrastructure using a compromised AWS API key. Based on subsequent analysis, we believe this API key was obtained by the attacker when they downloaded a set of private npm repositories Don't push your aws access keys to vcs, npm or anywhere. Scary that github does (did) that