← Back to context

Comment by xg15

14 days ago

So how long until exploit toolkits include plugins for fully automated xz-backdoor-style social engineering and project takeover?

That is EXACTLY what came to mind for me.

Terrifying thought. Fatigue of maintaining OSS is what was exploited in that takeover attack. Employing a bot army to fan this sort of attack out at scale?

Social ddos'ing.