| ▲ | tonymet 16 hours ago | |
Has anyone tested general purpose malware detection on supply chains ? Like clamscan . I tried to test the LiteLLM hack but the affected packages had been pulled. Windows Defender AV has an inference based detector that may work when signatures have not yet been published | ||
| ▲ | jesse_dot_id 15 hours ago | parent | next [-] | |
I second this question. I usually scan our containers with snyk and guarddog, and have wondered about guarddog in particular because it adds so much build time. | ||
| ▲ | Imustaskforhelp 11 hours ago | parent | prev | next [-] | |
> tried to test the LiteLLM hack but the affected packages had been pulled Hey, I have been part of the archival effect/Litellm issue thread. I think I have stored them in archive.org for preservation purposes https://web.archive.org/web/20260325073027/https://files.pyt... (I have also made an archive of the github issue with all the comments manually till a certain point at https://web.archive.org/web/20260325054202/https://serjaimel...) | ||
| ▲ | esseph 15 hours ago | parent | prev [-] | |
> Has anyone tested general purpose malware detection on supply chains ? Like clamscan You could use Trivy! /s | ||