mox@lemmy.sdf.org to Programming@programming.dev · 10 days agoPolyfill supply chain attack hits 100K+ sitessansec.ioexternal-linkmessage-square11fedilinkarrow-up154arrow-down11 cross-posted to: technology@lemmy.ziptechnology@lemmy.ziptechnology@lemmy.worldhackernews@lemmy.smeargle.fans
arrow-up153arrow-down1external-linkPolyfill supply chain attack hits 100K+ sitessansec.iomox@lemmy.sdf.org to Programming@programming.dev · 10 days agomessage-square11fedilink cross-posted to: technology@lemmy.ziptechnology@lemmy.ziptechnology@lemmy.worldhackernews@lemmy.smeargle.fans
minus-squareonlinepersona@programming.devlinkfedilinkEnglisharrow-up0arrow-down2·9 days agoYou don’t believe that income (or lack thereof) can motivate the sale of a popular library to a shady party? Any threat actor group with sufficient funds from various campaigns, spyware, etc could use said funds to buy out a dev, owner, etc. I don’t see VLC being bought out. This is the perfect example of distracting from the fact of what happened. If you say so… this isn’t the first time an underpaid opensource dev sold their project only for it to end up being used for ads or malware. Anti Commercial-AI license
You don’t believe that income (or lack thereof) can motivate the sale of a popular library to a shady party?
I don’t see VLC being bought out.
If you say so… this isn’t the first time an underpaid opensource dev sold their project only for it to end up being used for ads or malware.
Anti Commercial-AI license