Debian & Ubuntu
5 techniques
apt / dpkg
Repository manipulation, maintainer script execution, GPG signature bypass, package spoofing, and man-in-the-middle attacks.
1 critical
3 high
Python
5 techniques
pip / PyPI
Arbitrary code execution via setup.py, dependency confusion, typosquatting campaigns, and requirements.txt index manipulation.
2 critical
2 high
Node.js
5 techniques
npm
Lifecycle script abuse, dependency confusion, account hijacking, .npmrc tampering, and npx remote execution.
2 critical
2 high
Ruby
4 techniques
RubyGems
Native C extension code execution, RubyGems plugin hooks, gem source manipulation, and Rakefile build scripts.
1 critical
3 high
Rust
4 techniques
Cargo
Build script (build.rs) execution, procedural macro abuse, crate extraction attacks, and cargo install from untrusted git repos.
2 critical
1 high