An attack on NPM? And explaining exactly what is Edge computing
Let's go over a recent update with NPM where it underwent an attack campaign with stolen OAUTH tokens and going over edge computing.
🗞 News


Back in April GitHub released a blog post detailing an attack campaign with stolen OAuth user tokens. The investigation was still ongoing so this article covers several interesting tidbits on the attack!
Essentially the initial breakthrough by the hacker/bad actor was done with third-party integrations tokens from Heroku and TravisCI. From there they essentially went down a rabbit hole of different integrations and functionalities to obtain the login information for 100k+ users as well as a ton of private repository information ranging from secret keys to private company data.
If you happened to be affected GitHub ideally would have notified you already.
This is just another reminder to not have any sensitive information in your repository even if it’s private (unless it’s a secret that can only be accessed from the GitHub portal).
Full article:
Full attack on NPM article with OAUTH tokens


“The Edge” is quickly becoming a buzzword and concept that is spreading like wildfire. Many call it the future of web application sites. But what exactly does it mean?
In the article, Austin Gil goes over edge computing making a cute analogy with knitting dog hats.
Let’s break down the definitions he goes over:
Compute - Anything a machine returns something
Edge - As close as possible to the client’s browser/machine/what have you
Essentially edge computing is bringing to the client the application (maybe HTML?) or API results as close as possible. The biggest benefit of this is that it lowers the response time from the server to the user.
Check out the article for a full explanation.
📦 More interesting Articles
⚛ React
🎨 CSS
🔧 Other