all InfoSec news
Are all package managers equally risky?
May 5, 2023, 1:09 a.m. | /u/liquidamber_h
cybersecurity www.reddit.com
But even using `apt-update` or `PHP Composer` makes me wonder... am I increasing my risks, by doubling the amount of parties I have to trust?
i.e.:
\- Direct install = only trust 1 party (the developer)
\- Package install = trust 2 parties (dev + package …
apt composer cybersecurity managers npm package package managers php risk risks security security risk update
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
DevSecOps Engineer
@ Material Bank | Remote
Instrumentation & Control Engineer - Cyber Security
@ ASSYSTEM | Bridgwater, United Kingdom
Security Consultant
@ Tenable | MD - Columbia - Headquarters
Management Consultant - Cybersecurity - Internship
@ Wavestone | Hong Kong, Hong Kong
TRANSCOM IGC - Cybersecurity Engineer
@ IT Partners, Inc | St. Louis, Missouri, United States
Manager, Security Operations Engineering (EMEA)
@ GitLab | Remote, EMEA