Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
cherrycreek00
35 days ago
|
parent
|
context
|
favorite
| on:
AUR packages compromised with Infostealer and Root...
Am I understanding right that machines without npm aren't affected by this particular strain?
The headline got my heart going pretty good this morning.
reorder9695
35 days ago
|
next
[–]
The PKGBUILD files specified npm as a dependency, so it would've been installed prior to installing the malicious file, so not having npm is by no means a guarantee.
phi-go
35 days ago
|
prev
[–]
There is a link to a shell script in the article to check if you have any impacted package installed.
Consider applying for YC's Fall 2026 batch!
Applications
are open till July 27.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
The headline got my heart going pretty good this morning.