summaryrefslogtreecommitdiff
path: root/contractor.md
diff options
context:
space:
mode:
Diffstat (limited to 'contractor.md')
-rw-r--r--contractor.md4
1 files changed, 4 insertions, 0 deletions
diff --git a/contractor.md b/contractor.md
index b441865..faa1795 100644
--- a/contractor.md
+++ b/contractor.md
@@ -83,6 +83,10 @@ The conclusion here is that to build software securely, we can't
assume all code involved in the build to be secure. We need something
more secure. The Contractor aims to be a possible solution.
+## Links to attacks
+
+* [Malicious npm package opens backdoors on programmers' computers](https://www.zdnet.com/article/malicious-npm-package-opens-backdoors-on-programmers-computers/)
+
## Threat model
This section collects a list of specific threats to consider.