Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of Prodraft, who found a ...
来自MSN

PostHog承认Shai-Hulud 2.0是其历史上最严重的安全事件

PostHog表示,Shai-Hulud 2.0 npm蠕虫攻击是该公司"经历过的规模最大、影响最严重的安全事件",攻击者在其JavaScript SDK中植入恶意代码,试图自动窃取开发者凭据。 在PostHog发布的事后分析报告中,作为受Shai-Hulud 2.0影响的多个软件包维护者之一,该公司表示被污染的 ...