https://news.ycombinator.com/item?id=26087064
Interesting thread, worth a read.
Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies
The Story of a Novel Supply Chain Attack
Node.js dependencies, a first-world problem
Although this behavior was already commonly known, simply searching GitHub for --extra-index-url was enough to find a few vulnerable scripts belonging to large organizations — including a bug affecting a component of Microsoft’s .NET Core. The vulnerability, which may have allowed adding backdoors to .NET Core, was unfortunately found to be out of scope in the .NET bug bounty program.
- pfff :P
How about a summary? :)