Npm Author Qix Compromised via Phishing Email
Posted4 months agoActive4 months ago
socket.devTechstory
heatednegative
Debate
60/100
NpmSupply Chain AttackSecurityPhishing
Key topics
Npm
Supply Chain Attack
Security
Phishing
NPM author Qix compromised via phishing email, affecting popular packages like chalk with 300M weekly downloads.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
10m
Peak period
1
0-1h
Avg / period
1
Key moments
- 01Story posted
Sep 8, 2025 at 2:50 PM EDT
4 months ago
Step 01 - 02First comment
Sep 8, 2025 at 3:00 PM EDT
10m after posting
Step 02 - 03Peak activity
1 comments in 0-1h
Hottest window of the conversation
Step 03 - 04Latest activity
Sep 8, 2025 at 3:00 PM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45172232Type: storyLast synced: 11/17/2025, 6:05:57 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
One of the dependencies affected was chalk with 300M weekly downloads.