cm0002@lemy.lol to Linux@programming.dev · 5 days agoArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comexternal-linkmessage-square71fedilinkarrow-up1240arrow-down11cross-posted to: linux@lemmy.ml
arrow-up1239arrow-down1external-linkArch Linux AUR Malware Campaign Hits Multiple User-Contributed Packageslinuxiac.comcm0002@lemy.lol to Linux@programming.dev · 5 days agomessage-square71fedilinkcross-posted to: linux@lemmy.ml
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up52arrow-down1·5 days agoGod, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
minus-squareugjka@lemmy.ugjka.netlinkfedilinkEnglisharrow-up10·4 days agoTbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
minus-squarekboy101222@sh.itjust.workslinkfedilinkEnglisharrow-up14·4 days agoI’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related
God, even the Arch malware uses npm as a vector. And thus, my hatred of npm deepens even further
Tbf, it is run in package post install section so it could be anything even the typical “curl malware.om | bash”. There is a new wave of attacks now pulling things in with Bun which i guess is similar thing to NPM
I’m just a web guy whose tired of installing 10 xetabytes of 2 line libraries every time I wanna check out anything web related