DPRK bootstrapping their way to worldwide systems access
1. Clone slack and web presence of OSS contributing org
2. Invite oSS maintainer to compromised Teams meeting
3. Install Trojan, pull creds
4. Compromise npm supply chain
5. Creds bonanza
@Karl_Townes Scottie Pippen probably carried his Central Arkansas team but I would have thought the ceiling on that was a few training camps and 10 day contracts. Instead he's knocking down Patrick Ewing and winning championships.
Anyone know what the deal is with iTerm2 not being able to reach a kubernetes controller? A kubectl command like this works just find from a MacOS Terminal window.
@twiz718 This does feel Mac-security related, but iTerm had local network access and all those commands got identical results. Even the netcat test, which is the most frustrating.
@anishmoonka Blocking the competing tools was the mistake here. Or at least acknowledge that the engineersโ new job is live testing the home grown AI.