Hacker News
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 402 comments
- Dependency Confusion: RCE via internal package name squatting https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 6 comments
Lobsters
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 17 comments security
- A Confusing Dependency http://blog.autsoft.hu/a-confusing-dependency/ 2 comments java , programming
- What is the most complicated and confusing tech stack you have worked on which had unnecessary integrations and unwarranted dependencies? https://github.com/stackshareio/awesome-stacks 4 comments programming
- Confusion with emacs+slime+quicklisp: (require :some-package) working or not depending on how I evaluate the file None 2 comments common_lisp
- Single Author Uploaded 168 Packages to npm as Part of a Massive Dependency Confusion Attack https://www.mend.io/resources/blog/single-author-uploaded-168-packages-to-npm-as-part-of-a-massive-dependency-confusion-attack/ 9 comments javascript
- Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks https://snyk.io/blog/snyk-200-malicious-npm-packages-cobalt-strike-dependency-confusion-attacks/ 2 comments node
- Confusion about specifying version in cargo dependencies https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html 26 comments rust
- Anyone else find the process of actually running matplotlib to be really confusing? The rules are different depending on how you're running Python. Plus there's the whole "PyPlot vs Object Oriented" approaches.. https://www.practiceprobs.com/problemsets/matplotlib/beginner/#how-to-run-matplotlib-code 20 comments python
- Fixing the Dependency Confusion Vulnerability in 600+ Ruby Apps https://shopify.engineering/fixing-dependency-confusion-ruby-applications 6 comments ruby
- Top Organizations On GitHub Vulnerable To Dependency Confusion Attacks - RedHunt Labs https://redhuntlabs.com/blog/top-organizations-on-github-vulnerable-to-dependency-confusion-attack.html 6 comments netsec
- Yay - make dependencies needed or not confusion https://unix.stackexchange.com/a/528012 5 comments archlinux
- Dependency Confusion Supply Chain Attack on pub.dev https://pub.dev 11 comments dartlang
- RubyGems dependency confusion side of things https://mensfeld.pl/2021/02/rubygems-dependency-confusion-side-of-things 4 comments ruby
- Dependency Confusion: Yes, it affects NuGet packages, too. https://dev.to/sharpninja/dependency-confusion-yes-it-affects-nuget-packages-too-2h2g 3 comments csharp
- Preventing Dependency Confusion in PHP with Composer https://blog.packagist.com/preventing-dependency-hijacking/ 10 comments php
- Haskell is vulnerable to dependency confusion https://www.reddit.com/r/haskell/comments/lhmbw3/haskell_is_vulnerable_to_dependency_confusion/ 38 comments haskell
- How would CPAN fare under a dependency confusion attack, especially using a system like Pinto? https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 4 comments perl
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 29 comments programming
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610?sk=991ef9a180558d25c5c6bc5081c99089 74 comments programming
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610?sk=991ef9a180558d25c5c6bc5081c99089 94 comments netsec
- Trump’s Ukraine-scandal strategy — counterpunch, confuse and con — depends on the media https://www.washingtonpost.com/lifestyle/style/trumps-ukraine-scandal-strategy--counterpunch-confuse-and-con--depends-on-the-media/2019/09/24/f33433da-dec3-11e9-8dc8-498eabc129a0_story.html 6 comments politics
- I can't figure out how to use beam. Stack dependency issues are confusing. https://www.reddit.com/r/haskell/comments/b1vtqu/i_cant_figure_out_how_to_use_beam_stack/ 3 comments haskell
- Europe Isn't Realistic. It's Weak. The EU has committed to outsourcing its dirty work to authoritarians in the Middle East and Africa—and to confusing dependence for maturity. https://foreignpolicy.com/2019/03/03/europe-isnt-realistic-its-weak/ 14 comments europe
- Confused about Laravel Automatic Dependency Injection https://www.reddit.com/r/laravel/comments/agxwym/confused_about_laravel_automatic_dependency/ 17 comments laravel
- A Confusing Dependency https://blog.autsoft.hu/a-confusing-dependency/ 7 comments programming
- Confused about 1040x. I claimed my mother as a dependent while she claimed her self and I must amend this. https://www.irs.gov/pub/irs-pdf/i1040x.pdf 32 comments personalfinance
- Simon Stone - Long JM answer about what a 'box to box' is, then: "Paul Pogba is a midfielder. Not left back/striker. Depends on tactical system but always midfield player. With so many opinions, people get confused. Between me + Paul no confusion. Difficult to find one with more potential." https://twitter.com/sistoney67/status/961956983434817537 7 comments soccer
- First time filing dependents, very confused https://www.reddit.com/r/tax/comments/7uikqx/first_time_filing_dependents_very_confused/ 15 comments tax
- Confused about dependent care FSA Option. https://www.reddit.com/r/personalfinance/comments/78vtvk/confused_about_dependent_care_fsa_option/ 16 comments personalfinance
- The idea that disjoint events are dependent by nature confuses me. Could somebody dumb this down? https://www.reddit.com/r/askscience/comments/55owrg/the_idea_that_disjoint_events_are_dependent_by/ 8 comments askscience
- [JAVA] Confused about using GitHub packages that have dependencies. https://github.com/karan/jReddit 3 comments learnprogramming
- As Propane Prices Rise, Worries Grow for Millions of Americans: Inventories are now nearly 50 percent lower than last winter and millions of Southerners and Midwesterners who depend on the fuel are angry and confused. http://www.nytimes.com/2014/02/08/us/as-propane-prices-rise-worries-grow-for-millions-of-americans.html?smid=re-share 42 comments business
- Why Are Americans So Confused? "there was a civics teacher who put forth the proposition that democracy depends on one simple principle: People are rational. Give them free access to information, and they’ll think things through logically to figure out what policies are best... http://www.commondreams.org/view/2012/08/22?print 7 comments politics
- "We must not confuse dissent with disloyalty. We must remember that accusation is not proof and that conviction depends upon evidence and due process of law...We will not be driven by fear into an age of unreason, if we dig deep in our history and remember that we are not descended from fearful men" http://en.wikipedia.org/wiki/Joseph_McCarthy#Edward_R._Murrow.2C_See_It_Now 14 comments politics
- Confusingly, crops engineered to not need chemicals end up making us use more chemicals. Contrary to industry claims, a new report links our dependence on GMO crops to the spread of superweeds. And more herbicides http://www.fastcoexist.com/1682496/confusingly-crops-engineered-to-not-need-chemicals-end-up-making-us-use-more-chemicals 28 comments politics
- We must not confuse dissent with disloyalty. We must remember always that accusation is not proof and that conviction depends upon evidence and due process of law. We will not walk in fear, one of another. We will not be driven by fear into an age of unreason, if we dig deep in our history and our doctrine, and remember that we are not descended from fearful men— not from men who feared to write, to speak, to associate and to defend causes that were, for the moment, unpopular. http://en.wikiquote.org/wiki/edward_r._murrow 14 comments reddit.com