qaz@lemmy.world to Selfhosted@lemmy.worldEnglish · 1 month agoAxios JavaScript library has been compromised with malware in supply chain attackgithub.comexternal-linkmessage-square12linkfedilinkarrow-up1229arrow-down10cross-posted to: opensource@lemmy.ml
arrow-up1229arrow-down1external-linkAxios JavaScript library has been compromised with malware in supply chain attackgithub.comqaz@lemmy.world to Selfhosted@lemmy.worldEnglish · 1 month agomessage-square12linkfedilinkcross-posted to: opensource@lemmy.ml
minus-squareTechnoCat@piefed.sociallinkfedilinkEnglisharrow-up4·1 month agoOn closer inspection, preventing post-install would have fixed it too: “The attack exploited a transitive dependency, plain-crypto-js@4.2.1, which executed a postinstall script to deploy the RAT.”
On closer inspection, preventing post-install would have fixed it too: “The attack exploited a transitive dependency, plain-crypto-js@4.2.1, which executed a postinstall script to deploy the RAT.”