top | item 45080335 Supply Chain Attack Targeting Linux and Mac 6 points| hm-nah | 6 months ago |kaspersky.co.uk 5 comments order hn newest hm-nah|6 months ago I got smooched by this mofo. Got an email from GitHub Sec saying a repo in my own account was deleted because of a known vuln.My NX Console EXTENSION in VS Code was updated after the supply chain attack was initialized by the malicious actor.The symptom, besides the email from GitSec, was all my terminals initialized prompted for sudo pw, because ~/.bashrc had sudo shutdown appended. hm-nah|6 months ago The Kaspersky article says the hackers were focused on crypto wallets, env vars, and ssh keys, but what about .azure/cache-tokens.json, .aws/creds, .gcp/creds, etc.? palmfacehn|6 months ago And the worst toolchain+ecosystem award goes to... load replies (1)
hm-nah|6 months ago I got smooched by this mofo. Got an email from GitHub Sec saying a repo in my own account was deleted because of a known vuln.My NX Console EXTENSION in VS Code was updated after the supply chain attack was initialized by the malicious actor.The symptom, besides the email from GitSec, was all my terminals initialized prompted for sudo pw, because ~/.bashrc had sudo shutdown appended. hm-nah|6 months ago The Kaspersky article says the hackers were focused on crypto wallets, env vars, and ssh keys, but what about .azure/cache-tokens.json, .aws/creds, .gcp/creds, etc.? palmfacehn|6 months ago And the worst toolchain+ecosystem award goes to... load replies (1)
hm-nah|6 months ago The Kaspersky article says the hackers were focused on crypto wallets, env vars, and ssh keys, but what about .azure/cache-tokens.json, .aws/creds, .gcp/creds, etc.?
hm-nah|6 months ago
My NX Console EXTENSION in VS Code was updated after the supply chain attack was initialized by the malicious actor.
The symptom, besides the email from GitSec, was all my terminals initialized prompted for sudo pw, because ~/.bashrc had sudo shutdown appended.
hm-nah|6 months ago
palmfacehn|6 months ago