❗️Andrej Karpathy just explained the scariest thing happening in software right now..
Someone poisoned a Python package that gets 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine. SSH keys, AWS credentials, crypto wallets, database passwords, git credentials, shell history, SSL private keys, everything. And here's the part that should terrify every developer alive..
The attack was only discovered because the attacker wrote sloppy code, the malware used so much RAM that it crashed someone's computer.. if the attacker had been better at cod
Someone poisoned a Python package that gets 97 million downloads a month.. and a simple pip install was enough to steal everything on your machine. SSH keys, AWS credentials, crypto wallets, database passwords, git credentials, shell history, SSL private keys, everything. And here's the part that should terrify every developer alive..
The attack was only discovered because the attacker wrote sloppy code, the malware used so much RAM that it crashed someone's computer.. if the attacker had been better at cod
