今日已更新 168 条资讯 | 累计 21034 条内容
关于我们

Opening a cloned repo is no longer safe

/u/No_Plan_3442 2026年06月08日 15:29 3 次阅读 来源:Reddit r/programming

Solid breakdown of the Miasma worm — one commit, same dropper wired into 7 config files across VS Code, Claude Code, Gemini, Cursor, npm, Composer, and Bundler. No malicious dep needed, just clone + open. Nobody reviews these files in PRs. https://safedep.io/config-files-that-run-code/ Anyone actually treating dotfile diffs as code? submitted by /u/No_Plan_3442 [link] [留言]

本文内容来源于互联网,版权归原作者所有
查看原文