cm0002@europe.pub to

Linux@programming.dev · 1 day ago

The security situation with the Arch Linux AUR got a lot worse

www.gamingonlinux.com

cross-posted to:
linux@lemmy.ml

160

The security situation with the Arch Linux AUR got a lot worse

www.gamingonlinux.com

cm0002@europe.pub to

Linux@programming.dev · 1 day ago

cross-posted to:
linux@lemmy.ml

Oh dear, the situation with the Arch Linux AUR got a fair bit worse since GamingOnLinux initially covered the malicious packages.

Chat

brucethemoose@lemmy.world
link
fedilink
arrow-up
15·
1 day ago
It seems like some person with a bot just asked to maintain a bunch of orphaned packages, abusing the 2-week waiting period. Right?

Thats why they used npm; off the shelf, almost “standard practice” credential harvesting malware. Nothing too fancy.

Linux@programming.dev

linux@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@programming.dev

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

442 users / day
1.46K users / week
3.48K users / month
10.1K users / 6 months
1 local subscriber
14K subscribers
1.43K Posts
12.1K Comments
Modlog