| ▲ | dalemhurley 3 hours ago | |
Except it might come from a trusted repo. Some of the biggest repos have been recently targeted in supply chain attacks. Consider for a moment 1. Attacker takes over maintenance of a widely used Cursor extension 2. Attacker adds a remote backdoor to monitor which repos are being maintained 3. Attacker decides to only infect the largest one with a git commit hook 4. The developer didn’t even know they just included git.exe in their commit 5. The developer is a sole maintainer on the repo and merges their own PR without review (because they(/their AI) wrote it) 6. Now a trusted repo is infected 7. A contributor pulls down the infected repo and opens cursor | ||