Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 days agoHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installationthehackernews.comexternal-linkmessage-square5fedilinkarrow-up160
arrow-up160external-linkHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installationthehackernews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 days agomessage-square5fedilink
minus-squaresolrize@lemmy.mllinkfedilinkEnglisharrow-up2·2 days agoWell, do the packages tend to be closed source? .deb packages are also often just binary, but there is usually a separate source package available.
minus-squaree8d79@discuss.tchncs.delinkfedilinkEnglisharrow-up2·2 days agoMany packages are open source, some are not. Source code is usually not distributed via NuGet you can instead use the project URL from the manifest to find the sources if they are available.
Well, do the packages tend to be closed source? .deb packages are also often just binary, but there is usually a separate source package available.
Many packages are open source, some are not. Source code is usually not distributed via NuGet you can instead use the project URL from the manifest to find the sources if they are available.
They vary by publisher