Scenario: You download a fresh repo to optimize token usage for your LLMs. You do the responsible thing and check setup.ts with vim before running anything... only to realize the act of opening it _is_ the RCE. 🫨 Can’t be... can it?

Not today (provided you + your package manager didn't sleep on updates recently 💻🐌). But it stayed under the radar for months, happened 'back in the day' (2019 is ancient history now I guess), and who’s to say it won't happen again tomorrow?

Makes me wonder... 😏

#Vim #Neovim #Linux #RCE #CyberAwareness