Markus21h ago
Bisher scheint bei mir noch alles in Ordnung zu sein.

Ein interessantes Tool, das ich kürzlich gefunden habe, hilft ungemein die PKGBUILD's leichter zu überprüfen. AUR-Guard. https://github.com/prietus/aur-guard

Natürlich geht nichts über das Prüfprogramm zwischen den Lauschlappen.

#linux #archlinx #aur #malware #compromised
Marcus "MajorLinux" Summers1d ago

I wonder how many Arch users are bragging about using Arch today

The Arch Linux AUR had over 400 packages compromised with malware

https://www.gamingonlinux.com/2026/06/the-arch-linux-aur-had-over-400-packages-compromised-with-malware/

#Arch #Linux #AUR #Packages #Compromised #Malware #Security #Vulnerability #OpenSource #Tech

Hacker News2d ago

AUR Packages Compromised with Infostealer and Rootkit

https://discourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577

#HackerNews #AUR #Packages #Compromised #Infostealer #Rootkit #Cybersecurity #Vulnerabilities

400+ AUR Packages Compromised with Infostealer and Rootkit

Last Updated: 2026-06-12T04:22:42Z (UTC) What’s Happening It appears an AUR package maintainer’s account (arojas) was compromised. The maintainer’s account had write access to over 400 package repos. The compromise was reported and other AUR maintainers have been working to remove the infected packages. The affected packages were modified with preinstall scripts to use npm to install the atomic-lockfile package, a malicious payload. Here’s an example of the change: This blog has a deep d...

IFIN
PrivacyDigest4d ago

For the 2nd time in weeks, #Microsoft packages laced with #credential stealer

Dozens of #cryptographically verified #opensource packages from Microsoft were #compromised late last week to add advanced credential-stealing code that was triggered when #developers opened them in #AI coding #agents.

In all, multiple researchers said, 73 packages were flagged as #malicious when automated systems on #GitHub blocked them on the platform. Rather than noting they are malicious—and that developers who used #AIagents to work with them should assume their systems are compromised—the Microsoft-owned GitHub said it disabled the packages “due to a violation of GitHub's terms of service.” The text went on to encourage the package owner to contact GitHub.
#security

https://arstechnica.com/security/2026/06/for-the-2nd-time-in-weeks-microsoft-packages-laced-with-credential-stealer/

For the 2nd time in weeks, Microsoft packages laced with credential stealer

73 packages run self-replicating stealer as soon as they're opened by an AI agent.

Ars Technica
Wouter "wouter215" Minten5d ago

#appleintelligence changing your #compromised #passwords for you _seems_ like a good idea, but what happens after it changes your passwords for like 20 sites and you then loose your iPhone?

#wwdc26

getmisch6d ago
On this day in 1892, Homer Plessy, a free-born "octoroon" (one-eighth black), agreed to be arrested for riding in the whites only car, New Orleans to Covington LA.
It would lead to one of the worst #SupremeCourt decisions in history, Plessy v. Ferguson 1896, which legitimized "separate but equal" & ushered in the #JimCrow era.
Of course, the #RobertsCourt recently said "hold my beer" w the Callais decision...
#compromised #SCotUS #crowned #king #OurPutin #DEI #GOP #KKK
https://en.wikipedia.org/wiki/Plessy_v._Ferguson
Plessy v. Ferguson - Wikipedia

Show threadgetmischJun 5
The article mentions that the Chinese agent (Texas son of a prominent Reagan era appointee) was working with "Person 1" who was in the current administration as recently as Feb and could still be.
>Time for a THIRD Red Scare, but for the conservatives this time.<
[Link is to the government's press release today about the guilty plea and coming sentencing.]
#fascist #USA #GOP #PRC #Chinese #agent #Texas #party #chairman #compromised #FBI #sting #operation #intelligence
https://www.justice.gov/usao-edva/pr/american-citizen-pleads-guilty-working-agent-prc
PrivacyDigestJun 2

Dozens of #RedHat packages #backdoored through its official #NPM channel

Official Red Hat NPM accounts have been #compromised and used to push a malicious #worm that spreads from machine to machine, where it pilfers sensitive credentials in hopes of stealing yet more confidential data, researchers said.
#privacy #security

https://arstechnica.com/security/2026/06/dozens-of-red-hat-packages-backdoored-through-its-offical-npm-channel/

Dozens of Red Hat packages backdoored through its official NPM channel

Anyone who has downloaded affected Red Hat packages should investigate immediately.

Ars Technica
Global News CanadaMay 30
Penticton residents displaced due to safety risk from compromised crane following fire
The fire broke out late Wednesday at the site along Green Avenue near Highway 97, the property that once housed the estate of prominent businessman David Kampe.
#Canada #CareHomeFire #Constructionsitefire #firedisplacesresidents
https://globalnews.ca/news/11874627/penticton-residents-displaced-due-to-safety-risk-from-compromised-crane-following-fire/
Global NewsMay 30
Penticton residents displaced due to safety risk from compromised crane following fire
The fire broke out late Wednesday at the site along Green Avenue near Highway 97, the property that once housed the estate of prominent businessman David Kampe.
#Canada #CareHomeFire #Constructionsitefire #firedisplacesresidents
https://globalnews.ca/news/11874627/penticton-residents-displaced-due-to-safety-risk-from-compromised-crane-following-fire/