Hacker News
- When Will We Learn? https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 15 comments
- When will we learn? - Drew DeVault of Rust's (and other package managers') recent supply chain attack https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 8 comments opensource
- Dependency Supply Chain: When will we learn? https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 18 comments programming
- When will we learn? - Drew DeVault of Rust's (and other package managers') recent supply chain attack https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 46 comments rust
- When will we learn? - Drew DeVault of Rust's (and other package managers') recent supply chain attack https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html 96 comments linux
Linking pages
Linked pages
- Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ 1595 comments
- BIG sabotage: Famous npm package deletes files to protest Ukraine war https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/ 624 comments
- Popular 'coa' NPM library hijacked to steal user passwords https://www.bleepingcomputer.com/news/security/popular-coa-npm-library-hijacked-to-steal-user-passwords/ 616 comments
- Virus in eslint-scope? · Issue #39 · eslint/eslint-scope · GitHub https://github.com/eslint/eslint-scope/issues/39 557 comments
- skcsirt-sa-20170909-pypi -NBU http://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/ 506 comments
- Security advisory: malicious crate rustdecimal | Rust Blog https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html 199 comments
- Embedded malware in rc · GHSA-g2q5-5433-rhrf · GitHub Advisory Database · GitHub https://github.com/advisories/GHSA-g2q5-5433-rhrf 114 comments
- Malware downloaded from PyPI 41,000 times was surprisingly stealthy | Ars Technica https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/ 90 comments
- https://lists.archlinux.org/pipermail/aur-general/2018-july/034151.html 81 comments
- npm Blog Archive: Details about the event-stream incident https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident 69 comments
- Software downloaded 30,000 times from PyPI ransacked developers’ machines | Ars Technica https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ 46 comments
- Mining for malicious Ruby gems https://blog.reversinglabs.com/blog/mining-for-malicious-ruby-gems 3 comments
- Embedded malware in ua-parser-js · GHSA-pjwm-rvh2-c87w · GitHub Advisory Database · GitHub https://github.com/advisories/GHSA-pjwm-rvh2-c87w 2 comments
Related searches:
Search whole site: site:drewdevault.com
Search title: When will we learn?
See how to search.