Langchain & Prompt Plumbing
One of the coolest things in programming I've seen. Legos for AI.
Background
[Read More]
Unusual Behaviors in Solidity and the EVM through a cross-bridge lens.
Behaviors and interactions that can lead to security issues when dealing with multiple smart contract languages.
Background
[Read More]
My Favourite Dep Malware PureScript NPM Installer
A tale of a really cool piece of malware you probably haven't heard of
Background
[Read More]
Metadata Analysis of php-src backdoor attempt
Investigating future model detection mechanisms for open source project repositories
Background
This work follows on from my prior metadata analysis which provides justification for this type of analysis.
[Read More]
Metadata Analysis of flatmap dependency supply chain attack
Investigating future model detection mechanisms for open source project repositories
Thereβs been hundreds of software dependency supply chain attacks exploiting a range of vectors in the past, with great effect. The July 2020 paper by Marc Ohm et al describes that on average a malicious package is available for 209 days. (πππ=β1,πππ₯=1,216,π=258,π₯Μ =67) so naturally, any method to reduce this...
[Read More]