top | item 45207426 (no title) darthwalsh | 5 months ago What's more likely, the real npm site has a subdomain with XSS (IIRC the issue you linked) or you are manually filling your password into a phishing site?There's strong evidence that the latter is a more common concern. discuss order hn newest esseph|5 months ago What I'm saying is that autofill is a current method of credential extraction that should be avoided.You don't have to believe me, read the links.
esseph|5 months ago What I'm saying is that autofill is a current method of credential extraction that should be avoided.You don't have to believe me, read the links.
esseph|5 months ago
You don't have to believe me, read the links.