cm0002@europe.pub to

Linux@programming.dev · 4 days ago

The security situation with the Arch Linux AUR got a lot worse

www.gamingonlinux.com

cross-posted to:
[email protected]

176

The security situation with the Arch Linux AUR got a lot worse

www.gamingonlinux.com

cm0002@europe.pub to

Linux@programming.dev · 4 days ago

cross-posted to:
[email protected]

Oh dear, the situation with the Arch Linux AUR got a fair bit worse since GamingOnLinux initially covered the malicious packages.

Chat

brucethemoose@lemmy.world
link
fedilink
arrow-up
15·
4 days ago
It seems like some person with a bot just asked to maintain a bunch of orphaned packages, abusing the 2-week waiting period. Right?

Thats why they used npm; off the shelf, almost “standard practice” credential harvesting malware. Nothing too fancy.

Linux@programming.dev

linux@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of [email protected] and The GIMP

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

364 users / day
1.89K users / week
3.57K users / month
6.21K users / 6 months
1 local subscriber
14K subscribers
648 Posts
4.64K Comments
Modlog