Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

As a citizen, I am shocked and appalled by this backdoor. As a software engineer, I can't help but marvel at the creativity and thoughtfulness put into the exploit.


The average engineer isn't an infosec expert and love automation so they found the weakest link in the chain: CI/CD


We're not talking expert-level infosec here. They should have firewalled their CI systems. That's pretty basic stuff.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: