|
|
|
|
|
|
by roskilli
34 days ago
|
|
|
Well one thing is, there are package updates that could masquerade a backdoor much like XZ Utils[1]. The post in question points to dependency package managers however not system packages, such as NPM, which has pre and post build scripts, install scripts, etc. [1] https://en.wikipedia.org/wiki/XZ_Utils_backdoor |
|
|