Someone used a hammer to smash a window and steal stuff. Quick, ban hammers!!!
Getting rid of the tools to exploit vulnerabilities doesn’t get rid of the vulnerabilities, and security by obscurity is not security.
Concerning this particular article, perhaps the vulnerability here is not malicious software packages, but the management of these software repos.
Should it be possible to upload a package on a repo with 99% of the same name as one that already exists without some additional checks?
@HumanPerson @Pro True, though we should probably do away with cursor for entirely different reasons.
youtu.be/H2S7PKWaP7c