schnurrito@discuss.tchncs.de to Cybersecurity@sh.itjust.worksEnglish · 19 days agoDozens of Red Hat packages backdoored through its official NPM channelarstechnica.comexternal-linkmessage-square19linkfedilinkarrow-up185arrow-down12cross-posted to: news@lemmy.linuxuserspace.showcybersecurity@infosec.pubpulse_of_truth@infosec.pubsecops@lemmy.world
arrow-up183arrow-down1external-linkDozens of Red Hat packages backdoored through its official NPM channelarstechnica.comschnurrito@discuss.tchncs.de to Cybersecurity@sh.itjust.worksEnglish · 19 days agomessage-square19linkfedilinkcross-posted to: news@lemmy.linuxuserspace.showcybersecurity@infosec.pubpulse_of_truth@infosec.pubsecops@lemmy.world
minus-squareBoofStroke@sh.itjust.workslinkfedilinkEnglisharrow-up25·19 days agoIt’s a “package manager” that has zero integrity checks built in. Web devs also love it. Nice combination.
It’s a “package manager” that has zero integrity checks built in. Web devs also love it. Nice combination.
Culture problem imo.