SRE/DevOps, Gamer™. Queer, non-binary (any/all). Anarchist. Anti-theist.
Leftist attack dog, sinner, data male, sex mimic.
Made in USSR, 1991.
Blanket content warning; not safe.
Telegram: openfbtd
CMDR Jack L. Frost
Loading...
I keep adding details to this one
This isn't even an AUR specific attack, the initial attack was publishing the malicious code through NPM in the first place, otherwise this wouldn't have worked as well as it seems to have.
The observation I've made that Bluesky is mostly cultish ingroup signalling without semantic content stems from the fact that the only way to maintain a circle on here is be around the few open minded people not harassed offsite or join a cult clique severance from which renders the site unusable
The tl;dr is a botnet filed a whole lot of orphan requests on old/obscure/barely-used packages, pushing a malicious piece of code into the package building/install process. Caught by people paying attention.
Man is Iron Lung a good movie.
There was a one post-removed telephone game skeet today about something I said last night. It was made entirely in good faith, and it looks like a very different story from the original. I'm not accepting "trust me bro" on something I wasn't even engaged in that seeks to hurt people!
