Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 3 months agoHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installationthehackernews.comexternal-linkmessage-square6linkfedilinkarrow-up146arrow-down11
arrow-up145arrow-down1external-linkHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installationthehackernews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 3 months agomessage-square6linkfedilink
minus-squaresolrize@lemmy.mllinkfedilinkEnglisharrow-up2·3 months agoWell, do the packages tend to be closed source? .deb packages are also often just binary, but there is usually a separate source package available.
minus-squaregwl [he/him]@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up2·3 months agoThey vary by publisher
minus-squaree8d79@discuss.tchncs.delinkfedilinkEnglisharrow-up2·3 months agoMany packages are open source, some are not. Source code is usually not distributed via NuGet you can instead use the project URL from the manifest to find the sources if they are available.
Well, do the packages tend to be closed source? .deb packages are also often just binary, but there is usually a separate source package available.
They vary by publisher
Many packages are open source, some are not. Source code is usually not distributed via NuGet you can instead use the project URL from the manifest to find the sources if they are available.