Hacker News
by adamckay 1350 days ago
It's not only the original author, don't forget, but it's any malicious actor that's managed to compromise that hosted script.

It should be viewed in the same way that a package author on NPM or PyPI may publish a malicious package, either themselves or via their account being compromised. It's not particularly common, but nor is it impossible and could present a good target.