fix typo and date

Ryan Heywood 2025-07-27 11:46:46 -04:00
parent 1bf06a7364
commit 030beb7141
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
1 changed files with 2 additions and 4 deletions

@ -1,7 +1,7 @@
---
layout: post
title: Package managers - malware delivery as a service
date: 2025-04-02
date: 2025-06-07
---
Using third-party code, such as open source libraries has made it much easier to
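Review bot: The front-matter `date:` moves from 2025-04-02 to 2025-06-07, and the commit message does not say which of the two is the actual publication date or why the earlier one was wrong. If the site builds post URLs or file names from this date, the change will move the post, so check that the post's file name matches and that existing links to the old URL still resolve.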
@ -45,7 +45,7 @@ building while the backdoor is unguarded and wide open. SAST and monitoring
will only reliably detect previously found vulnerabilities, as they are
typically rule or behaviour based, and can often be circumvented because the
attackers design their attacks to evade detection. The [SolarWinds attack](http://web.archive.org/web/20250226000211/https://www.wired.com/story/the-untold-story-of-solarwinds-the-boldest-supply-chain-hack-ever/)
occured despite sophisticated monitoring and SAST systems at one of the leading
occurred despite sophisticated monitoring and SAST systems at one of the leading
cybersecurity firms in the world. The nature of that compromise is such that
full code review likely wouldn't have prevented the attack, reproducible builds
would have (more on that another time), but the point is that there is an
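Review bot: On the SolarWinds line directly above the corrected "occurred", the archive link still uses `http://web.archive.org/...`; switch it to `https://` while this paragraph is being touched. The same sentence has a comma splice at "wouldn't have prevented the attack, reproducible builds would have", which this typo pass could also fix, for example with a semicolon after "attack".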
@ -138,5 +138,3 @@ review them rather than assigning them cost of $0 as though they are free to use
* Consider donating to maintainers of your most important third party
dependencies, both for development, and to pay for security assessments.
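Review bot: The hunk header `-138,5 +138,3` drops two lines at the end of the file, which "fix typo and date" does not mention and which are not visible in this view. Confirm they are only trailing blank lines and not list content, and say so in the commit message.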