i'm doing a shitload of research for this preso/workshop i'm doing and holy shit have there been a lot more supply chain attacks and badguys going after users than i remember. whoof
@Viss npm and pip are just a gigantic minefield these days. I know that isn't all of it, but it seems like that's the majority of the low-hanging fruit there these days.
@da_667 i'm doing a timeline, and like... around 2022 things start happening but like, nov 2024 onward it's just super fuckfest mode. i've found like eight supply chain attacks this year alone 100% targeting llm users, dev shops, developer tools, openclaw, pytorch libraries, npm, python... it's a fucking madhouse
@Viss oh man, openclaw is just a complete fuckfest. The minute I grok'd what it was about I was just like... "nuh-uh." and so far, have not been proven wrong.
@da_667 @Viss ICYMI the counter is currently at 6 days since the last OpenClaw CVE: https://days-since-openclaw-cve.com