Supply Chain Attack v2: The Build Tool Trojan
Same Playbook, New Hiding Spot

If you read my previous write-up on the Dex-platform scam, you know the pattern: fake recruiter, polished repo, hidden malware. That attack hid its payload inside a fake npm package (tailwind-setting) loaded through tailwind.config.ts.

This one is smarter. There's no malicious npm package to flag. No suspicious dependency to Google. The entire attack lives in three lines of vite.config.ts, a file that most developers skip past if it looks okay at first glance. ...