Skip to main content

lemmy - Link to source

The Solidity Language open-source package was used in a $500,000 crypto heist

Code highlighting with Cursor AI for $500,000

Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.
Georgy Kucherin (Kaspersky)
#Cybersecurity
in reply to Pro

HumanPerson
lemmy - Link to source
HumanPerson

Someone used a hammer to smash a window and steal stuff. Quick, ban hammers!!!

Getting rid of the tools to exploit vulnerabilities doesn't get rid of the vulnerabilities, and security by obscurity is not security.

in reply to HumanPerson

Jonathan Lamothe
friendica (DFRN) - Link to source
Jonathan Lamothe
@HumanPerson @Pro True, though we should probably do away with cursor for entirely different reasons.
youtu.be/H2S7PKWaP7c
@HumanPerson @Pro

cybersecurity reshared this.

in reply to HumanPerson

kristoff
lemmy - Link to source
kristoff
I do not mind banning hammers for the visitors or a museum, especially if there is an exhibition of art that is concidered "unacceptable" by a certain group of people.
in reply to HumanPerson

kristoff
lemmy - Link to source
kristoff

Concerning this particular article, perhaps the vulnerability here are not a mallicious software packages, but the management of these software repo's.

Should it be possible to upload a package on a repo with 99% of the same name as one that already exists without some additional checks?

This website uses cookies. If you continue browsing this website, you agree to the usage of cookies.