👉 Compile-infection, also known as runtime code injection or dynamic code injection, is a security vulnerability where malicious code is injected into a running application at execution time, rather than during compilation. This can occur when an application inadvertently executes code from an untrusted source, such as user input or data from an untrusted external source. Unlike static code injection, where the malicious code is embedded in the compiled executable, compile-infection happens dynamically, often exploiting vulnerabilities in how the application handles input or interacts with its environment. Attackers can use various techniques, like buffer overflows or format string vulnerabilities, to inject and execute arbitrary code, potentially leading to unauthorized access, data theft, or system compromise.
