cm0002@lemy.lol to Linux@programming.dev · 22 hours agoArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comexternal-linkmessage-square60fedilinkarrow-up1205cross-posted to: linux@sh.itjust.workslinux@lemmy.mlrunescape@lemmy.zip
arrow-up1205external-linkArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comcm0002@lemy.lol to Linux@programming.dev · 22 hours agomessage-square60fedilinkcross-posted to: linux@sh.itjust.workslinux@lemmy.mlrunescape@lemmy.zip
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up40·17 hours agoGod, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
minus-squareugjka@lemmy.ugjka.netlinkfedilinkEnglisharrow-up9·12 hours agoTbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up10·11 hours agoI’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related
God, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
Tbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
I’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related