abobla@lemm.ee to Linux@lemmy.ml · edit-21 day agoMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.comexternal-linkmessage-square27fedilinkarrow-up1202arrow-down14file-text
arrow-up1198arrow-down1external-linkMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.comabobla@lemm.ee to Linux@lemmy.ml · edit-21 day agomessage-square27fedilinkfile-text
Packages: github.com/truthfulpharm/prototransform github.com/blankloggia/go-mcp github.com/steelpoor/tlsproxy
minus-squarekrakenfury@lemmy.sdf.orglinkfedilinkEnglisharrow-up40arrow-down2·1 day ago PyPi npm Maven Central Docker Hub Artifact Hub PPA AUR The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
minus-squareFurryMemesAccount@lemmy.blahaj.zonelinkfedilinkarrow-up7·12 hours agoCargo also has a --git option but I suppose it’s not default behavior
minus-squarekrakenfury@lemmy.sdf.orglinkfedilinkEnglisharrow-up2·9 hours agoSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
minus-squareFurryMemesAccount@lemmy.blahaj.zonelinkfedilinkarrow-up3·8 hours agoI agree, I was just giving another example to raise awareness about that feature of rust.
The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
Cargo also has a
--gitoption but I suppose it’s not default behaviorSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
I agree, I was just giving another example to raise awareness about that feature of rust.