Mastodawn

IFIN - The Independent Federated Intelligence Network Jun 12

400+ Arch User Repository packages have been compromised in a massive, sophisticated supply chain attack, including a rootkit installation.

https://discourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577

#ThreatIntel #ThreatIntelligence #IFIN

400+ AUR Packages Compromised with Infostealer and Rootkit

Last Updated: 2026-06-12T04:22:42Z (UTC) What’s Happening It appears an AUR package maintainer’s account (arojas) was compromised. The maintainer’s account had write access to over 400 package repos. The compromise was reported and other AUR maintainers have been working to remove the infected packages. The affected packages were modified with preinstall scripts to use npm to install the atomic-lockfile package, a malicious payload. Here’s an example of the change: This blog has a deep d...

IFIN

gyorb Jun 12

Arch Linux

Jun 12

Active AUR malicious packages incident

https://archlinux.org/news/active-aur-malicious-packages-incident/

#ArchLinux #Linux

Arch Linux - News: Active AUR malicious packages incident

gyorb Jun 11

Adam Shostack

Jun 5

New blog: Twenty Years of Scaling Threat Modeling https://shostack.org/blog/twenty-years-of-scaling-threat-modeling/

In 1999, I wrote my first paper on threat modeling, Breaking Up Is Hard To Do: Modeling Security Threats for Smartcards. Bruce and I talked on the phone a lot, and our analysis methodology was to think carefully about the problems. Threat modeling was something done by smart professionals with lots of experience and time available. At the same time, @lmk and Praerit Garg wrote their paper on the S.T.R.I.D.E. Model of Threats, but it wasn’t mentioned in public until later. (1/3)

gyorb May 28

dan_nanni May 28

Linux gives you more than one way to encrypt your data 😎👇

Full disk encryption protects the whole drive. File and filesystem encryption protect specific data. Other tools secure email, network traffic, or even hide information inside images.

The best tool depends on what you are protecting and where encryption needs to happen.

Find high-res pdf ebooks with all my Linux related infographics at https://study-notes.org

#linux #dataprivacy #cybersecuritytips #cybersecurity #encryption

gyorb May 25

oshogbo May 23

If you're looking for something to read today, I highly recommend @PagedOut. Or maybe even two 🙂

gyorb May 25

Adam Shostack

May 19

There are changes coming to HIPAA security rules and I have some thoughts on what that will mean for organizations.
https://shostack.org/blog/hipaa-nprm-threat-modeling/

gyorb May 25

Tom Lyon ✅May 22

Today: 53rd birthday of Ethernet!

https://labs.ripe.net/author/ondrej_caletka_1/from-megabits-to-terabits-ethernet-celebrates-its-birthday/

gyorb May 7

Fabrizio Musacchio May 6

#Deepfakes are everywhere, but #DigitalForensics investigators are fighting back:

🌍 https://scim.ag/42dMPBg

gyorb Apr 23

Felix 🇨🇦 🇩🇪 🇺🇦Apr 23

#Podman in Production: Quadlets, Secrets, Auto-Updates, and #Docker Compatibility | Larvitz Blog
https://blog.hofstede.it/podman-in-production-quadlets-secrets-auto-updates-and-docker-compatibility/#secrets-management

Podman in Production: Quadlets, Secrets, Auto-Updates, and Docker Compatibility

An opinionated production-ops guide to Podman on Linux servers - why I prefer it over Docker, how Quadlets replace Compose files, and practical patterns from real deployments including secrets mana...

Larvitz Blog

gyorb Apr 14