diff options
author | Lars Wirzenius <liw@liw.fi> | 2020-12-13 11:16:51 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2020-12-13 11:16:51 +0000 |
commit | 36c185c8ba54ac0d4240e7188538b935151ce44d (patch) | |
tree | 6fc664aeda07dfa7bad81ee365d08156d9297c8f /contractor.md | |
parent | f039d822db63d46c772c85f44db36909656ebf05 (diff) | |
parent | 7f8c0572310aa2994aafcf68dbcd3286a1925da9 (diff) | |
download | contractor2-main.tar.gz |
Merge branch 'links' into 'main'main
doc: add link to an attack that has happned
See merge request larswirzenius/contractor2!1
Diffstat (limited to 'contractor.md')
-rw-r--r-- | contractor.md | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/contractor.md b/contractor.md index b441865..faa1795 100644 --- a/contractor.md +++ b/contractor.md @@ -83,6 +83,10 @@ The conclusion here is that to build software securely, we can't assume all code involved in the build to be secure. We need something more secure. The Contractor aims to be a possible solution. +## Links to attacks + +* [Malicious npm package opens backdoors on programmers' computers](https://www.zdnet.com/article/malicious-npm-package-opens-backdoors-on-programmers-computers/) + ## Threat model This section collects a list of specific threats to consider. |