schnurrito@discuss.tchncs.de to Cybersecurity@sh.itjust.worksEnglish · 19 hours agoDozens of Red Hat packages backdoored through its official NPM channelarstechnica.comexternal-linkmessage-square17fedilinkarrow-up199arrow-down12cross-posted to: [email protected]
arrow-up197arrow-down1external-linkDozens of Red Hat packages backdoored through its official NPM channelarstechnica.comschnurrito@discuss.tchncs.de to Cybersecurity@sh.itjust.worksEnglish · 19 hours agomessage-square17fedilinkcross-posted to: [email protected]
minus-squareFizz@lemmy.nzlinkfedilinkEnglisharrow-up6arrow-down2·18 hours agoI’m not familiar with npm but why is this always NPM? Is it a specific issue they have?
minus-squareBoofStroke@sh.itjust.workslinkfedilinkEnglisharrow-up28·18 hours agoIt’s a “package manager” that has zero integrity checks built in. Web devs also love it. Nice combination.
I’m not familiar with npm but why is this always NPM? Is it a specific issue they have?
It’s a “package manager” that has zero integrity checks built in. Web devs also love it. Nice combination.
Culture problem imo.