• JordanZ@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    9 hours ago

    Just do a search for ‘exploiting GitHub open source’ and you’ll find numerous resources of past and current exploits. Best way to exploit someone’s machine is to infect an open source package used by millions.

    This is a particularly relevant article.

    Over the next year, they would largely take control of the project from its original maintainer, Lasse Collin, a change driven in part by nagging emails sent to Collin by a handful users complaining about slow updates.

    So unleash the AI to overburden the maintainers. Which means they could hand over the project entirely like this instance or just not provide the amount of scrutiny they previously did over the things getting merged into the project. Either way it’s bad for all of us.