NPM, Cargo & PyPi Are Broken By Design
Brodie Robertson | Linux Tips & Tricks
Once again, another malicious package has been discovered in Cargo, and this just adds to the massive and ever-growing list of times this has been discovered in repos that don't have third-party oversight, like NPM, Cargo, PyPi and more.
==========Resources==========
Drew DeVault Post: https://drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html
Rustdecimal Package: https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
Foreach Package: https://mastodon.social/@lrvick/108274062191145538
https://www.youtube.com/watch?v=evY5MuA9I-Y