cm0002@lemy.lol to Linux@programming.dev · 1 day agoArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comexternal-linkmessage-square63linkfedilinkarrow-up1218arrow-down11cross-posted to: linux@lemmy.ml
arrow-up1217arrow-down1external-linkArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comcm0002@lemy.lol to Linux@programming.dev · 1 day agomessage-square63linkfedilinkcross-posted to: linux@lemmy.ml
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up41arrow-down1·23 hours agoGod, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
minus-squareugjka@lemmy.ugjka.netlinkfedilinkEnglisharrow-up9·18 hours agoTbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up11·17 hours agoI’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related
God, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
Tbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
I’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related