Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

abobla@lemm.ee · edit-2 2 months ago

vegetvs@kbin.earth · 2 months ago

The Go programming language allows developers to fetch modules directly from version control platforms like GitHub.

This is absolutely not just specific to Go.

krakenfury@lemmy.sdf.org · 2 months ago

The problem isn’t specific to anything. It’s also not specific to malware. Vulnerabilities are just as dangerous, if not more so.

HelloRoot@lemy.lol · 2 months ago

Aaah finally, malware for Linux, truly the year of the Linux Desktop!

FriendBesto@lemmy.ml · 1 month ago

Notice me Hacker Senpai!

Ahrotahntee@lemmy.ca · 2 months ago

We made it! I never thought I’d live to see this day!

termaxima@programming.dev · edit-2 8 days ago

deleted by creator

CptKrkIsClmbngThMntn [any]@hexbear.net · 2 months ago

The one, fool-proof solution to supply chain attacks? Write all your own dependencies.

abobla@lemm.ee · 2 months ago

I’m already writing my own dependency to check if a number is even:

if (number == 0) return true
if (number == 1) return false
if (number == 2) return true
if (number == 3) return false

I’m almost there!