Платон Щукин (Редактор отдела «Экономика»)
19:39, 5 марта 2026Экономика
,推荐阅读WPS官方版本下载获取更多信息
Step 2: The AI bot executes arbitrary code. Claude interpreted the injected instruction as legitimate and ran npm install pointing to the attacker's fork - a typosquatted repository (glthub-actions/cline, note the missing 'i' in 'github'). The fork's package.json contained a preinstall script that fetched and executed a remote shell script.
Continue reading...
:first-child]:h-full [&:first-child]:w-full [&:first-child]:mb-0 [&:first-child]:rounded-[inherit] h-full w-full