---
title: "💭 PolyFill Vulnerability is WILD - YouTube"
description: "!https://www.youtube.com/watch?si=6NK4iCu1b1rCDo7a&t=555&v=mmlHQyMOK7Y&feature=youtu.be"
date: 2024-06-28
published: true
tags:
  - infra
  - dev
  - open source
  - thought
template: link
---


![https://www.youtube.com/watch?si=6NK4iCu1b1rCDo7a&t=555&v=mmlHQyMOK7Y&feature=youtu.be](/static/https://www.youtube.com/watch?si=6NK4iCu1b1rCDo7a&t=555&v=mmlHQyMOK7Y&feature=youtu.be)

Damn, supply chain vector attacks are wild. Random guy in Primes stream was getting $40k offers to buy their open source project while in university and they have never made anything from it.  What a social engineering attack this is.  It would be so easy to make it look like a good deal and that the package was going to a good new owner who has real resources to maintain it.

!!! note

    This post is a <a href="/thoughts/" class="wikilink" data-title="Thoughts" data-description="These are generally my thoughts on a web page or some sort of url, except a rare few don&#39;t have a link. These are dual published off of my..." data-date="2024-04-01">thought</a>. It's a short note that I make
    about someone else's content online <a href="/tags/thoughts/" class="hashtag-tag" data-tag="thoughts" data-count=2 data-reading-time=3 data-reading-time-text="3 minutes">#thoughts</a>