科技回声

I've checked on both my local machine and on a VPS I run, and the following URL is 302 redirecting to a malicious JS script which pops up a confirmation window and then redirects to ads:SOURCE URL: https://unpkg.com/react@latest/dist/react.js MALICIOUS REDIRECT: https://compliance-jessica.xyz/a.phpThis is the URL recommended for in-browser development use by https://facebook.github.io/react/docs/installation.htmlCan anyone else replicate this?

9 条评论

NuclearFishin大约 8 年前

Looks like there was indeed an issue with a bad nameserver update:<a href="https://twitter.com/unpkg/status/852660203275276289" rel="nofollow">https://twitter.com/unpkg/status/852660203275276289</a>

评论 #14129358 未加载

Erd0s6大约 8 年前

I was having this issue to but all good now. Should I be concerned about my computer being infected from this? Virus scans don't find anything

davidjgraph大约 8 年前

unpkg are reporting this as fixed. <a href="https://twitter.com/unpkg/status/852668919768694784" rel="nofollow">https://twitter.com/unpkg/status/852668919768694784</a>.We got hit pretty hard for the 50 minutes or so the problem existed, Dropbox host their JS SDK lib on there...

davidkhess大约 8 年前

Seeing the same thing when trying to load Vue.Tweet from them:<a href="https://twitter.com/unpkg/status/852655106562564098" rel="nofollow">https://twitter.com/unpkg/status/852655106562564098</a>> We're experiencing some issues and working on it. Will post updates here as soon as we know more.

评论 #14111510 未加载

CorySimmons大约 8 年前

We got close to trending on HackerNews yesterday when this happened.Suddenly every visitor was reporting alert dialogs saying they had a virus and our votes dropped off a cliff.Last time I ever go against my gut and semi-trust anything.

himlion大约 8 年前

Use subresource integrity and this would have affected you less. Still a non functioning site unfortunately.

DorianDevelops大约 8 年前

Sucks just got this on my github portfolio page that I put up a few days ago.Any way to fix???

评论 #14111697 未加载

murftown大约 8 年前

Yes, I experienced the same thing.

svdpeijl大约 8 年前

here too - same thing.. this is ridiculous what a HUGE blunder on unpkg.com part

9 条评论

NuclearFishin大约 8 年前

评论 #14129358 未加载

Erd0s6大约 8 年前

I was having this issue to but all good now. Should I be concerned about my computer being infected from this? Virus scans don't find anything

davidjgraph大约 8 年前

davidkhess大约 8 年前

评论 #14111510 未加载

CorySimmons大约 8 年前

himlion大约 8 年前

Use subresource integrity and this would have affected you less. Still a non functioning site unfortunately.

DorianDevelops大约 8 年前

Sucks just got this on my github portfolio page that I put up a few days ago.Any way to fix???

评论 #14111697 未加载

murftown大约 8 年前

Yes, I experienced the same thing.

svdpeijl大约 8 年前

here too - same thing.. this is ridiculous what a HUGE blunder on unpkg.com part

Unpkg.com hacked?

9 条评论

Unpkg.com hacked?

9 条评论