qaz@lemmy.world to Selfhosted@lemmy.worldEnglish · 26 days agoAxios JavaScript library has been compromised with malware in supply chain attackgithub.comexternal-linkmessage-square12linkfedilinkarrow-up1229arrow-down10
arrow-up1229arrow-down1external-linkAxios JavaScript library has been compromised with malware in supply chain attackgithub.comqaz@lemmy.world to Selfhosted@lemmy.worldEnglish · 26 days agomessage-square12linkfedilink
minus-squareTechnoCat@piefed.sociallinkfedilinkEnglisharrow-up4·26 days agoOn closer inspection, preventing post-install would have fixed it too: “The attack exploited a transitive dependency, plain-crypto-js@4.2.1, which executed a postinstall script to deploy the RAT.”
On closer inspection, preventing post-install would have fixed it too: “The attack exploited a transitive dependency, plain-crypto-js@4.2.1, which executed a postinstall script to deploy the RAT.”