everybackdoor
No user record in our sample, but everybackdoor has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
No user record in our sample, but everybackdoor has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
[dead]
[dead]
[dead]
[dead]
This is about NestJS, not NextJS.
[dead]
You can also fire events on pretty much any object, essentially creating a channel where the message bus queue is the vm event queue.
In 2024 we have linters and other static analysis tools for catching these kinds of things right in the IDE.
And a backdoor in a build tree
- They’re saying ”the community wants less boilerplate” - They introduce what is effectively a black-box system - The new system is expected to handle all application state - They try to push it for frontend folks while…
[dead]
[flagged]
Look at the newest commits, do you see anything suspicious: https://git.alpinelinux.org/aports/log/main/gettext libunistring could also be affected as that has also been pushed there
JiaT75 was also a prolific contributor to xz over the past few years, so your assumptions are generally invalid at this point.
Funny you should say that, given they definitely have exploit code in `vcpkg`
[flagged]
They may be right: https://git.alpinelinux.org/aports/log/main/gettext Timeline matches and there is a sudden switch of maintainer. And they add dependency to xz!