abobla@lemm.ee to Linux@lemmy.ml · edit-21 year agoMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.comexternal-linkmessage-square27fedilinkarrow-up1213arrow-down14file-textcross-posted to: linux@programming.dev
arrow-up1209arrow-down1external-linkMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.comabobla@lemm.ee to Linux@lemmy.ml · edit-21 year agomessage-square27fedilinkfile-textcross-posted to: linux@programming.dev
Packages: github.com/truthfulpharm/prototransform github.com/blankloggia/go-mcp github.com/steelpoor/tlsproxy
minus-squarekrakenfury@lemmy.sdf.orglinkfedilinkEnglisharrow-up43arrow-down2·1 year ago PyPi npm Maven Central Docker Hub Artifact Hub PPA AUR The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
minus-squareFurryMemesAccount@lemmy.blahaj.zonelinkfedilinkarrow-up7·1 year agoCargo also has a --git option but I suppose it’s not default behavior
minus-squarekrakenfury@lemmy.sdf.orglinkfedilinkEnglisharrow-up2·1 year agoSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
minus-squareFurryMemesAccount@lemmy.blahaj.zonelinkfedilinkarrow-up3·1 year agoI agree, I was just giving another example to raise awareness about that feature of rust.
The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
Cargo also has a
--gitoption but I suppose it’s not default behaviorSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
I agree, I was just giving another example to raise awareness about that feature of rust.