China’s military leadership that
Posted: Mon Feb 10, 2025 6:02 am
It is clear to Beijing will have to rely on emerging technologies to close the gap with U.S. military power. This is evident in the reorganization of the PLA under President Xi Jinping. At the core of this effort is a focus on critical and emerging technologies. As the world moves further into the digital age, the emphasis on dual-use applications of emerging technologies will only increase.
Why Open Source Should Be Apolitical
Sergey Stelmakh | 03/23/2022
The maintainer of the popular open source npm package node-ipc, cameroon mobile database Nozaki Miller (known in the developer community under the nickname RIAEvangelist), has introduced malware into its code that erases the hard drives of computers of users with IP addresses from Russia or Belarus, reports the ZDNet portal .
It all started with a seemingly innocent protest against the conflict in Ukraine. Miller wrote and published a modified open-source npm package that overwrote files on the computers of users with IP addresses from Russia and Belarus and replaced them with a smiley face. But then things got out of hand: he started destroying the computers’ file systems. More precisely, Miller added code that deleted the file system of computers of users from these countries. The maintainer then added the module as a dependency to the extremely popular node-ipc package. The latter, in turn, is a highly sought-after dependency used by many JavaScript programmers. And it went from being a nuisance to a system destroyer.
According to Snyk, the software security company that discovered the issue, "node-ipc (versions >=10.1.1 <10.1.3) is a malicious package. It contains malicious code that targets users with IPs located in Russia or Belarus and replaces the contents of their files with a heart emoji." The vulnerability has been assigned the identifier CVE-2022-23812 with a CVSS score of 9.8 (critical).
Why Open Source Should Be Apolitical
Sergey Stelmakh | 03/23/2022
The maintainer of the popular open source npm package node-ipc, cameroon mobile database Nozaki Miller (known in the developer community under the nickname RIAEvangelist), has introduced malware into its code that erases the hard drives of computers of users with IP addresses from Russia or Belarus, reports the ZDNet portal .
It all started with a seemingly innocent protest against the conflict in Ukraine. Miller wrote and published a modified open-source npm package that overwrote files on the computers of users with IP addresses from Russia and Belarus and replaced them with a smiley face. But then things got out of hand: he started destroying the computers’ file systems. More precisely, Miller added code that deleted the file system of computers of users from these countries. The maintainer then added the module as a dependency to the extremely popular node-ipc package. The latter, in turn, is a highly sought-after dependency used by many JavaScript programmers. And it went from being a nuisance to a system destroyer.
According to Snyk, the software security company that discovered the issue, "node-ipc (versions >=10.1.1 <10.1.3) is a malicious package. It contains malicious code that targets users with IPs located in Russia or Belarus and replaces the contents of their files with a heart emoji." The vulnerability has been assigned the identifier CVE-2022-23812 with a CVSS score of 9.8 (critical).