Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain


Man, this is like the third or fourth supply chain attack this year on something that I use.

It’ll get a little worse before it gets better. Companies are working on fixing things and likely aiding Mythos for it.

How is Mythos useful on supply chain attacks?
It’s a tool designed to review and fuzz code.

Companies are using Mythos to find vulnerabilities that they can fix. Duh.

That’s how it’s useful.

Supply chain attacks don’t rely on software vulnerabilities only. Also Mythos will not likely be available to dozens of small suppliers.

But it’s also not like it doesn’t help. It helps still to a varying extent.

And those small suppliers will eventually get access to it, I’m sure.

Can someone please explain like I’m 5? Are regular Bitwarden users affected? The article makes it sound like other parts of Bitwarden may turn out to be affected as they learn more.


It helps to find and fix vulnerabilities in your code, but it could also raise the risks.

One could use it to locate, target, and attack a suitable vulnerable package in the supply chain. And for companies that fall victim to a supply chain attack, I am not sure it can offer much help.