Comment by blueflow Comment by blueflow 10 months ago 0 replies Copy Link View on Hacker News I think this is an actual "supply chain attack", while the downloading-malware-from-github-automated isn't.