cm0002@lemy.lol to Linux@programming.dev · 19 hours agoArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comexternal-linkmessage-square53linkfedilinkarrow-up1192arrow-down11cross-posted to: [email protected]
arrow-up1191arrow-down1external-linkArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comcm0002@lemy.lol to Linux@programming.dev · 19 hours agomessage-square53linkfedilinkcross-posted to: [email protected]
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up35arrow-down1·14 hours agoGod, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
minus-squareugjka@lemmy.ugjka.netlinkfedilinkEnglisharrow-up8·9 hours agoTbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up7·8 hours agoI’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related
God, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
Tbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
I’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related