Malware in PostHog NPM packages

Heykuki News

11 points

6 months ago

I know many of us use a really excellent PostHog service, but it seems their latest version of `posthog-js` NPM package contains malware.

Reported to their security channel, also reported to NPM, but also wanted to raise awareness here.

Update: It seems all their NPM packages have the same problem

Update 2: https://status.posthog.com/

9 comments

Malware in PostHog NPM packages | Heykuki News