t҉̠̙ǵ̣̞̄ͪ͜x̸̱͚̳ͫ͐̑̈ͯͣ̚n̒͌҉͉̦̜̝ͅ
- 0 Posts
- 4 Comments
Joined in 418 years
Cake day: May 1st, 2444
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Its a intermediary that doesn’t have anything except basic text. Plus it opens in sub-millisecond times unlike the godawful shitshow that is Windows 11 Notepad (and paint is dogshit UWP app now too). It is useful for clearing formatting/markup, saving passwords and stuff in memory till I no longer need them, etc. Heavier editors exist, but none launch so fast or “just” do basic text with nothing fancy. Also, it opens literally any file you could possibly want. (at least it tries 😆)
Nothing at all from Windows 11. Windows 10 had good paint and notepad versions. Nice and quick and handy. I use Leafpad and Drawing on Linux, but they aren’t quite the same as the OG paint.exe and notepad.exe 😆
Redhat employee had leaked credentials, threat actor used those credentials to push some files to GitHub, which executed the code in a GitHub action which had trusted access to publish to NPM.
Essentially, an employee got owned and someone used their access (that they already had) to publish the nefarious code.
You’ll see GitHub Actions in these often, as that’s how a lot of big open source organizations publish their packages and run tests/deployments. It’s less of a “GitHub based problem” and more of a “trust boundary problem”, if they used other services, the same problem could likely have still been successful.