Apparently another cyber threat has been crafted with Nim... :(
"(...) However, Nim’s rather unique ability to execute functions during compile time allows attackers to blend complex behaviour into a binary with less obvious control flow, resulting in compiled binaries in which developer code and Nim runtime code are intermingled even at the function level."
Incident like this, once again, will likely expose safe and legitimate Nim code to be tagged as potentially malicious.
Incident like this, once again, will likely expose safe and legitimate Nim code to be tagged as potentially malicious.
Correct. And I see two possible ways ahead for Nim 3.0:
Not supporting Windows anymore. The Windows target is super annoying to support anyway.
All the necessary software for POSIX systems has already been written. That leaves embedded, but you said that --noSystem is too hard to maintain too. Phew! Looks like job's done, we can all go home!
All the necessary software for POSIX systems has already been written.
Huh? What a strange statement.
That leaves embedded, but you said that --noSystem is too hard to maintain too.
Embedded development works better without the --noSystem switch...
I guess there is some joke here hiding that I don't get. If so, jokes work better if they don't rely on myth-building.
... but in this case the target was macOs / Arm64. I guess you didn't read the title.
A small excerpt
"(...) The second part of the attack chain begins with the installer binary dropped alongside a by the initial access scripts. Compiled from Nim and weighing in at ~233KB, the installer binary is a universal architecture Mach-O with an ad hoc signature and the identifier user_startup_installer_arm64."
... but in this case the target was macOs / Arm64. I guess you didn't read the title.
No, I didn't read anything but the title. :-)
I don't know how OSX will make me suffer for using Nim, I only know the poor state of affairs on Windows. Mea culpa.