mox@lemmy.sdf.org to Programming@programming.dev · 5 months agoPolyfill supply chain attack hits 100K+ sitessansec.ioexternal-linkmessage-square6fedilinkarrow-up11arrow-down10 cross-posted to: technology@lemmy.ziptechnology@lemmy.ziptechnology@lemmy.worldplanetdyne@fed.dyne.org
arrow-up11arrow-down1external-linkPolyfill supply chain attack hits 100K+ sitessansec.iomox@lemmy.sdf.org to Programming@programming.dev · 5 months agomessage-square6fedilink cross-posted to: technology@lemmy.ziptechnology@lemmy.ziptechnology@lemmy.worldplanetdyne@fed.dyne.org
minus-squareonlinepersona@programming.devlinkfedilinkEnglisharrow-up0·5 months agoYou don’t believe that income (or lack thereof) can motivate the sale of a popular library to a shady party? Any threat actor group with sufficient funds from various campaigns, spyware, etc could use said funds to buy out a dev, owner, etc. I don’t see VLC being bought out. This is the perfect example of distracting from the fact of what happened. If you say so… this isn’t the first time an underpaid opensource dev sold their project only for it to end up being used for ads or malware. Anti Commercial-AI license
You don’t believe that income (or lack thereof) can motivate the sale of a popular library to a shady party?
I don’t see VLC being bought out.
If you say so… this isn’t the first time an underpaid opensource dev sold their project only for it to end up being used for ads or malware.
Anti Commercial-AI license