Molly E. Holzschlag · Jan 4, 2022 · 3:46 PM UTC

Molly E. Holzschlag

Molly E. Holzschlag @mholzschlag

4 Jan 2022

Code Poets, HAIL! Need your gorgeous thoughts re using #JavaScript event listeners to flip content of an #HTML element for malicious exploits. Seems way too easy, with the copying and the pasting, oh my! Help reality check me, peas and carrots, thxu 🥕 😛bleepingcomputer.com/news/se…

Don't copy-paste commands from webpages — you can get hacked

Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal risk having their system compromised. Wizer's Gabriel Friedlander...

bleepingcomputer.com

Molly E. Holzschlag · Jan 4, 2022 · 5:35 PM UTC

Molly E. Holzschlag · Jan 4, 2022 · 5:35 PM UTC

Molly E. Holzschlag @mholzschlag

4 Jan 2022

Thanks Tina. The way the article read struck me as being illogical. It appears from you and others there's more than a few inaccuracies in the description of how an exploit can be passed via the clipboard API.

Jan 4, 2022 · 5:35 PM UTC

This tweet is unavailable

Molly E. Holzschlag · Jan 4, 2022 · 6:24 PM UTC

Molly E. Holzschlag @mholzschlag

4 Jan 2022

It's doable according to people weighing in but it's not accurately described in the article. What's more, the issue appears complicated by how the clipboard API can be tricky for some (like me) sho work adjacent to but not directly with JavaScript and a decrease w terminal use.