@abobla@lemm.ee to Linux@lemmy.ml • edit-25 days agoMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.comexternal-linkmessage-square27fedilinkarrow-up1207arrow-down13file-textcross-posted to: linux@programming.dev
arrow-up1204arrow-down1external-linkMalicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attackthehackernews.com@abobla@lemm.ee to Linux@lemmy.ml • edit-25 days agomessage-square27fedilinkfile-textcross-posted to: linux@programming.dev
Packages: github.com/truthfulpharm/prototransform github.com/blankloggia/go-mcp github.com/steelpoor/tlsproxy
minus-square@krakenfury@lemmy.sdf.orglinkfedilinkEnglish40•5 days ago PyPi npm Maven Central Docker Hub Artifact Hub PPA AUR The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
minus-square@FurryMemesAccount@lemmy.blahaj.zonelinkfedilink7•4 days agoCargo also has a --git option but I suppose it’s not default behavior
minus-square@krakenfury@lemmy.sdf.orglinkfedilinkEnglish2•4 days agoSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
minus-square@FurryMemesAccount@lemmy.blahaj.zonelinkfedilink3•4 days agoI agree, I was just giving another example to raise awareness about that feature of rust.
The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.
Cargo also has a
--gitoption but I suppose it’s not default behaviorSure! My point is that hosting doesn’t really matter, though. Malware and vulnerabilities are introduced at all points of supply chains.
I agree, I was just giving another example to raise awareness about that feature of rust.