event-stream
Safeguard articles tagged "event-stream" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Lessons from event-stream: How a Free Handoff Became a Bitcoin Heist
A volunteer handed control of a hugely popular npm package to a stranger, who used it to target one Bitcoin wallet app. The event-stream incident is the case study in maintainer-handoff risk.
The event-stream npm Attack Explained
In 2018, a hijacked npm maintainer account turned event-stream into a supply chain weapon against crypto wallets. Here's the full CVE-style breakdown.
Event-Stream npm 2018: Package Trust Lessons That Still Apply
The event-stream npm incident remains the cleanest case study in maintainer-handoff risk. What it taught the ecosystem, and what we still ignore in 2026.
event-stream / flatmap-stream npm backdoor incident
How a trusted npm maintainer handoff let attackers plant a wallet-draining backdoor in event-stream, and what it still teaches security teams today.
event-stream: The Copay Attack That Rewrote npm
The 2018 event-stream incident was npm's first high-profile maintainer-handoff attack. The details still shape how we evaluate package trust.