Skip Navigation

Programming @programming.dev

mox @lemmy.sdf.org

8mo ago

Hundreds of code libraries posted to NPM try to install malware on dev machines

arstechnica.com

Hundreds of code libraries posted to NPM try to install malware on dev machines

Pulse of Truth @infosec.pub

Resident Pulser @infosec.pub

8mo ago

Hundreds of code libraries posted to NPM try to install malware on dev machines

arstechnica.com /security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

Technology @lemmy.world

btaf45 @lemmy.world

8mo ago

Hundreds of code libraries posted to NPM try to install malware on dev machines

arstechnica.com /security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

Cybersecurity @sh.itjust.works

Nemeski @lemm.ee

8mo ago

Hundreds of code libraries posted to NPM try to install malware on dev machines

arstechnica.com /security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

7 comments

Let's see how long it will alles Till Rust hast the same Problems.
- Python with PyPI, C# with Nuget, Docker with Dockerhub, Java with Maven Central, hell even just regular Linux packages from dodgy repositories...
  Supply chain attacks concern almost everything everyone everywhere.
  
  This is one of the more important reasons to minimize dependencies and be very picky about the ones we adopt.

7 comments