The Most Terrifying Hack of 2026


🔍 Analysis

NetworkChuck covers the massive Axios supply chain attack. A hacker compromised the lead maintainer’s account, injected a malicious dependency (plain_crypto.js) into Axios (100M+ weekly downloads), which deployed a remote access Trojan in 1.1 seconds and then erased itself. He explains the supply chain attack analogy using coffee, shows how to check if you’re affected, and provides remediation steps. His daughter Pikachu helps explain supply chain attacks.
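A defender-side check for the indicators named in the transcript (the poisoned axios releases 1.14.1 and 0.30.4 and the added `plain_crypto.js` dependency), written as an added example that is not code from the video or the axios project. It scans an npm lockfile's v2/v3 `packages` map and tests which declared caret ranges would have accepted the bad releases; the sample lockfile, the `some-sdk` package and the `plain_crypto.js` version numbers are constructed.

```javascript
// Added example: all sample data below is constructed for illustration.
// Releases the transcript names as poisoned.
const BAD_AXIOS = new Set(['1.14.1', '0.30.4']);
// Dependency name as it is written on this page.
const INJECTED_DEP = 'plain_crypto.js';

// "1.2.3" -> [1, 2, 3]; prerelease and build tags are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Does a declared range accept `version`? Handles exact pins and caret
// ranges only; returns null for any other range syntax.
function rangeAdmits(range, version) {
  const text = String(range).trim();
  const caret = text.startsWith('^');
  const base = parseVersion(caret ? text.slice(1) : text);
  const v = parseVersion(version);
  if (!base || !v) return null;
  if (!caret) return compare(v, base) === 0;
  // Caret: the left-most non-zero component is not allowed to change.
  let upper;
  if (base[0] > 0) upper = [base[0] + 1, 0, 0];
  else if (base[1] > 0) upper = [0, base[1] + 1, 0];
  else upper = [0, 0, base[2] + 1];
  return compare(v, base) >= 0 && compare(v, upper) < 0;
}

// Which axios ranges declared in a package.json would have accepted a bad release?
function exposedRanges(pkgJson) {
  const out = [];
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    const range = (pkgJson[field] || {}).axios;
    if (!range) continue;
    const admits = [...BAD_AXIOS].filter((bad) => rangeAdmits(range, bad) === true);
    if (admits.length) out.push({ field, range, admits });
  }
  return out;
}

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromKey(key) {
  const marker = 'node_modules/';
  const i = key.lastIndexOf(marker);
  return i === -1 ? key : key.slice(i + marker.length);
}

// Walk every installed copy recorded in the lockfile, nested copies included.
function scanLockfile(lock) {
  const findings = [];
  for (const [key, entry] of Object.entries(lock.packages || {})) {
    if (key === '') continue; // root project entry
    const name = nameFromKey(key);
    if (name === 'axios' && BAD_AXIOS.has(entry.version)) {
      findings.push({ kind: 'compromised-axios', path: key, version: entry.version });
    }
    if (name === INJECTED_DEP || (entry.dependencies && INJECTED_DEP in entry.dependencies)) {
      findings.push({ kind: 'injected-dependency', path: key, version: entry.version });
    }
    if (entry.hasInstallScript) {
      // Informational: this package runs a script at install time.
      findings.push({ kind: 'install-script', path: key, version: entry.version });
    }
  }
  return findings;
}

// Constructed lockfile: one poisoned top-level axios, one clean nested copy.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', dependencies: { axios: '^1.14.0', 'some-sdk': '^2.0.0' } },
    'node_modules/axios': { version: '1.14.1', dependencies: { 'plain_crypto.js': '^1.0.0' } },
    'node_modules/plain_crypto.js': { version: '1.0.1', hasInstallScript: true },
    'node_modules/some-sdk': { version: '2.3.0', dependencies: { axios: '^0.29.0' } },
    'node_modules/some-sdk/node_modules/axios': { version: '0.29.0' },
  },
};

console.log(JSON.stringify({
  exposed: exposedRanges(SAMPLE_LOCK.packages['']),
  findings: scanLockfile(SAMPLE_LOCK),
}, null, 2));
```

A hit from `scanLockfile` means the lockfile recorded a poisoned install; per the transcript, that machine should be treated as compromised and its credentials rotated rather than just having files deleted.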


📜 Full Transcript


⏱️ 0:00

This just became the most dangerous command that anyone can run. npm install anything. Fill in the blank. n a n, openclaw, doesn’t matter. We’re still uncovering just how bad the fallout on this is. Anyone could be infected. You could be infected. And this just happened. Axios, the most popular HTTP library, over 100 million downloads a week, was hijacked. A hacker took over the lead maintainer’s account, injected malicious code without actually injecting malicious code, and it deploys a remote access Trojan in under 1.1 seconds. And the malware erases itself. No trace left behind. This just might be the most sophisticated and dangerous supply chain attack in history. Get your coffee ready. Let’s dig into how this happened today. Like just a few hours ago. So, how exactly did this happen? Here’s what we know so far. I’m going to walk you through the entire attack from how they got in to how the malware erased itself. And how it was discovered because, you know, we’re kind of talking about this right now. Now, first, you probably have Axios installed, the thing that got hacked. I’ll show you how to check to see if you’re on the bad version here in a moment. It’s an HTTP library, and it’s essentially how code talks to the internet. But you’ll rarely install it directly. Like I’ve never installed Axios, but I do have it installed. How? npm install. npm is the package manager for JavaScript, essentially the app store for code. Devs use it a ton. And so do you if you’ve installed something like n a n or openclaw. But you’re not just installing openclaw when you do that. You’re installing a bunch of dependencies or other code written by other people that the app you’re installing depends on to work. You’re trusting openclaw, but openclaw is trusting Axios. This is how most software works. And as it stands, the average npm project trusts 200 to 2,100 strangers with code execution. 
And I want to hit home the strangers part because this is where we got in trouble with Axios. Axios, something that 174,000 projects depend on, is coded by a bunch of random people. I mean, here’s the change log right here. Looking at the commits, random people. Pay attention to this guy. And these are unpaid people. This is open source. And one of those people got compromised. This guy. I feel so bad for this guy today. Jason Saiman, probably not his real name. Maybe it is. He’s a lead maintainer for Axios, and the attacker got his access token, a long-lived npm classic access token that gave the attacker the keys to the kingdom. Now, we don’t know how this happened just yet. We just know that it did.

And this is when things get bad. He changed his account email to this email address, I have [email protected]. And the attacker was really clever because he never actually added any malicious code to Axios. Instead, he added one line to the package.json file. Here it is clean. Don’t blink. This is what he changed. plain_crypto.js. Notice dependencies. They keep getting us in trouble. Now, this is a simple dependency. Nothing kind of crazy about it. No one would really notice this. In fact, an average code reviewer would just go, “Oh, that’s a simple crypto thing.” And this sucker was never imported to any of Axios’s 86 source files. It exists only to install its post-install script.

But, the attacker was smart. They actually staged a clean version of this file 18 hours before the malicious one. And they were able to bypass the typical CI/CD pipelines by using npm CLI, essentially skipping all the guardrails that would normally catch something like this. Now, socket.dev was the first person or the first company to find this. And they have a really fun diagram I want to show you. Oh, and also, they changed two release branches, the 1.x and 0.x. Specifically, the 1.14.1 and the 0.30.4. And they were poisoned within 39 minutes of each other.
So, any project using a caret range of these two releases would pull the compromised version on the next npm install, which often happens automatically with CI/CD pipelines or when you’re just installing openclaw as some YouTuber told you to do it during that time frame. I’m sorry.

So, when you do npm install, this post-install script runs automatically by itself. You don’t have to do anything. And it triggers what’s called a dropper. This dropper drops in setup.js. Now, it looks harmless. Looks like math. But, here we have two layers of obfuscation, which hides all the dangerous stuff from static scanners. It’s using XOR and Base64 and this weird order 7077 phrase. Does anyone know what that means? So, now that setup.js has deobfuscated all the dangerous stuff. Or revealed it, it can use it. It will then detect the operating system that it’s currently running on, which operating system you have. It will then contact the C2 server, the command and control server, which the attacker operates, and downloads the specific RAT or remote access Trojan software onto that computer. And this is what it would look like on Mac, Windows, and Linux. This happens 1.1 seconds after npm install.

And then it cleans up. It deletes setup.js, deletes the malicious package.json, and renames the pre-staged package.md to package.json, which is a clean version. At this point, the attacker has access to your system. They can access your stuff in 1.1 seconds, and you didn’t even know. And you weren’t doing anything weird or wrong. You were just installing or using software from people that you trust. It’s not your fault. It’s a supply chain attack.

It’s kind of like this. If someone wanted to poison me, they could just put poison in this cup of coffee, but that’d be hard cuz I’m always watching my coffee. But, they could instead go to the coffee roaster and poison the beans I buy. Actually, I need some more coffee right now. Or maybe they go higher up the chain.
Maybe they poison the powder on these coffee bags, the same bags that are used by all the suppliers. That would expand their reach, poisoning a lot more people. I know this analogy is kind of dark. Or they can go bigger. What if they poisoned the water supply, going after the water I use to brew my coffee? And now they’ve expanded their use beyond coffee drinkers. It’s everyone who uses the water. And that’s kind of the scope we’re dealing with right now with the Axios supply chain attack.

So, let’s find out if you drink the water. Because here’s the thing, you might have Axios installed, but you may not even know. I know I have it installed. I think I’m safe. Let’s check together right now. Because again, this stuff just happened. I’m kind of discovering it with you. All right. Thank you, Pikachu. You can leave now. Okay. Bye.

Okay. Let’s check. Let’s open up your terminal first. Type in this. npm list -g axios. Check your versions. If you see 1.14.1 or 0.30.4, you may want to do a deeper search across your entire system. We can use this little multi-multiline command here. And I’ll have all these commands below for all the systems. And it’s finding things I’ve custom built myself. I didn’t even know had Axios in them. It’s everywhere, man.

Now, let’s check if the RAT actually made it onto your system. I’m going to use this command to see if it’s on my Mac. Not there. I’ll have commands for what Windows and Linux below. And you can also check if it’s going to reach out to the command and control server. This is the IP that was found. It was taken down or it’s not up anymore. If none of that showed anything, you’re probably good for now. Just keep an eye out. But if you found anything, stop right now. Don’t just delete files. Treat your machine as a compromised machine. Rotate your API keys. Every credential, every token. I’ll have a full remediation checklist below. Keep an eye out. Keep your ear to the ground.
And it seems like this is happening more and more often now. Um ha- AI is amazing and it’s been helping us build stuff, but it’s also helping the hackers do things. This is happening way more often than it should. So, pay attention. Be secure. Um also, go watch John Hammond’s live stream where he actually woke up and went through all this and went through all the code. It was very fun to watch. I’m sure he’ll be dropping a video on this soon as well. And thank you to all you warriors out there. All you amazing people who are remediating all this stuff. This is a massive thing. A massive supply chain attack. So, get that coffee brewing. And if you’re affected by this, I’d love to hear in the comments below how it’s going. How How bad is it? Maybe offer some help or advice for people who may be going through this. That’s all I got. I’ll catch you guys next time. Hey, you made it to the end of the video and at the end of my videos I like to pray for you, my audience. I know it’s kind of weird. Go with it. Life is weird. 1 2 3 pray. God, I thank you for the person on the other side of this camera, on the other side of the screen. I ask in your name that you bless them in their lives right now. That um if they are affected by this hack that you would give them the passion and the strength and the ability and the diligence and the energy to just tackle this with skill. That you would bless their their own personal computing environment, their company’s environment, and just ask that you would make them a rock star in this moment. Um equip them with everything they need. Um if they’re not affected, if they’re just watching this to learn this, I pray that you would turn them into an amazing cybersecurity person. That you would teach them skills and give them the ability to learn these skills and absorb them. To learn about about supply chain attacks, to learn how to defend against them. Just bless their lives, God. 
I pray for my audience right now that you would just give them so much favor in their lives and their families. I pray for success over their career and if there’s any anxiety over anything in tech that’s happening cuz everything’s moving very fast, remove that anxiety. Just let it melt off of them and let them take one day at a time, learn that next thing, and just stay relentlessly optimistic. I ask this in your name, Jesus. Amen. All right, that’s all I got. Actually, I’m going to have um going to have Pikachu try to explain supply chain attacks to you real quick. She begged me to let her do this. Hi. I’m Maddie Keith and today I’ll like I’ll be supplying supply chain attacks. The coffee? The The analogy I gave. >> Oh, okay. So, let’s do this. The coffee explanation. So, let’s say if this really bad guy wants to poison you and you have your cup of coffee. He put this nice cup of warm hot coffee and he gets poison and he puts in the coffee and you drink it. Okay, but in the next explanation is if you have a coffee bag with beans in it, coffee beans, and but the guy with the poison puts it with the coffee coffee beans and now you have poison coffee beans. But the really bad one is if the guy where like like there’s all these coffee bean bags and they’re all together and the guy puts poison in one of the coffee bean bags. All of the coffee bean bags then all of the other coffee bean bags get exposed exposed exposed. So, that’s my that’s the explanation. So, basically I think what’s it called again? Supply chain attack. Supply chain attack is where there’s a source and it goes in your computer and it’s like I think it’s like a virus, right? Yeah. It’s like a virus and pretend the poison in my analogy is a virus and the coffee and the coffee bean and the coffee bean bags are your computers. So, yeah. That’s it. Thank you.

