undefined | Better HN

0 pointsricardobeat6y ago0 comments

In the example the linter itself is not malicious, but used to deliver a malicious program that can have unrestricted filesystem access. Not vague at all, see recent news on the ‘event-stream’ package being used to steal cryptocurrency wallets.

0 comments

pvg6y ago

The 'vague' part is not that it doesn't happen - see the comment you are replying to.

j / k navigate · click thread line to collapse

0 pointsricardobeat6y ago0 comments

In the example the linter itself is not malicious, but used to deliver a malicious program that can have unrestricted filesystem access. Not vague at all, see recent news on the ‘event-stream’ package being used to steal cryptocurrency wallets.

0 comments

pvg6y ago

The 'vague' part is not that it doesn't happen - see the comment you are replying to.

j / k navigate · click thread line to collapse