── TAG FILTER ──
#supply-chain-security • 2 articles

Posts tagged #supply-chain-security

═══ #SUPPLY-CHAIN-SECURITY ═══
The Build Script Was The Backdoor
The Atomic Arch campaign turned trusted-looking AUR packages into a route for rootkit-like credential theft. The old advice to read the build script is starting to look painfully small.
The Repo Opened Back
Microsoft-owned GitHub repositories were disabled after Miasma malware hit Azure and AI coding tool workflows. The repo is no longer passive infrastructure. It is part of the runtime.