https://blog.phylum.io/sophisticated-highly-targeted-attacks-continue-to-plague-npm/
tl;dr: Several packages were recently published to npm that appear to be subtle command and control. Behaviors of the infrastructure seem to mimic those recently identified by Phylum as being nation-state activity from North Korea.
We’re working on a third-party solution for this. Should have some updates that sandbox cargo builds shortly.
https://github.com/phylum-dev/birdcage
It’s a cross-platform sandbox that works on Linux via Landlock and macOS via Seatbelt. We’ve rolled this into our CLI (https://github.com/phylum-dev/cli) so you can do things like:
For example, for npm, which currently uses the sandbox:
We’re adding this to cargo to similarly sandbox crate installations. Would love feedback and thoughts on our sandbox!