Lemdro.id
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
Petersson@feddit.orgM to Intergalaktische Bogengemeinschaft@feddit.org · 20 days ago

400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers

cybersecuritynews.com

external-link
message-square
4
link
fedilink
  • cross-posted to:
  • technology@lemmy.world
12
external-link

400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers

cybersecuritynews.com

Petersson@feddit.orgM to Intergalaktische Bogengemeinschaft@feddit.org · 20 days ago
message-square
4
link
fedilink
  • cross-posted to:
  • technology@lemmy.world
A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
alert-triangle
You must log in or register to comment.
  • cattywampus@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    10 days ago

    deleted by creator

    • Petersson@feddit.orgOPM
      link
      fedilink
      arrow-up
      4
      ·
      20 days ago

      And if you got infected with something, just read the arch wiki. It will cure you.

      • cattywampus@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        10 days ago

        deleted by creator

        • Petersson@feddit.orgOPM
          link
          fedilink
          arrow-up
          4
          ·
          20 days ago

          Awww <3

    • manxu@piefed.social
      link
      fedilink
      English
      arrow-up
      3
      ·
      20 days ago

      Yeah, that whole unverified developer build installation was always very risky. It’s a real shame that so many distros fail to keep up with recent packaging, and that so many development environments have super lax policies on who can post a package to their repositories.

      • cattywampus@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        10 days ago

        deleted by creator

        • manxu@piefed.social
          link
          fedilink
          English
          arrow-up
          2
          ·
          20 days ago

          You are absolutely right, and it’s a shame that especially large corporations use open source without giving much back.

          Still, the setup of a lot of software repositories and package management is almost comically lax. A little extra effort might do a lot of good, is all I am saying.

          • cattywampus@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            10 days ago

            deleted by creator

Intergalaktische Bogengemeinschaft@feddit.org

bogengemeinschaft@feddit.org

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !bogengemeinschaft@feddit.org

Willkommen in der Bogengemeinschaft!

Um euch den Einstieg so angenehm wie möglich zu machen, haben wir hier die wichtigsten Informationen zusammengestellt.

Für Nichtbogennutzer und Neulinge empfehlen wir euch, zunächst vollständig das Wiki zu lesen, bevor ihr eine Frage stellt: https://wiki.archlinux.org/

Fortgeschrittene Bogennutzer finden hier Unterstützung: https://wiki.archlinux.org/

Bei Anregungen und Ideen zu dieser Gemeinschaft bitten wir euch, davon abzusehen und das Wiki zu lesen: https://wiki.archlinux.org/

Weitere Informationen findet ihr hier: https://wiki.archlinux.org/

Wir wünschen euch viel Spaß in dieser Gemeinschaft!

Ehemals /c/bogengemeinschaft@feddit.de.

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 1 user / day
  • 6 users / week
  • 25 users / month
  • 25 users / 6 months
  • 1 local subscriber
  • 372 subscribers
  • 60 Posts
  • 505 Comments
  • Modlog
  • mods:
  • Petersson@feddit.org
  • aaaaaaaaargh@feddit.org
  • UI: 0.19.11
  • BE: 0.19.12
  • Modlog
  • Legal
  • Instances
  • Docs
  • Code
  • join-lemmy.org