Articles tagged #security
crates.io phishing attempt
Earlier this week, an npm supply chain attack.
It’s turn for crates.io, the main public repository for Rust crates (packages).
The phishing e-mail looks like this:
And it leads to a GitHub login page that looks like this:
Several maintainers received it — the issue is being discussed on GitHub.
The crates.io team has acknowledged the attack and said they’d see if they can do something about it.
Beware the Google Password Manager
Hey internet! So, someone broke into some of my accounts.
I’m taking entire responsibility for this - there’s the part where I fucked up, and if I didn’t fuck up, then none of this would’ve happened.
But there’s also the part where a series of design decisions from various vendors combined into the perfect storm for me.
And we’re going to talk about both! Separately! And calmly.
Go back to the homepage.