this post was submitted on 14 Jun 2026
20 points (88.5% liked)

Australian Tech

298 readers
1 users here now

For techs and techy stuff.

founded 2 years ago
MODERATORS
 

cross-posted from: https://lemmy.zip/post/66075617

you are viewing a single comment's thread
view the rest of the comments
[–] lurch@sh.itjust.works 3 points 3 weeks ago (1 children)

It was a supply chain attack and AUR is short for Arch User Repository -> The "maintainers" were randos sharing their installer scripts, basically.

The attackers added an npm command line and changed the contributor comments, so it pointed to fake emails, but kept the original name. Example: https://aur.archlinux.org/cgit/aur.git/commit/?h=runescape-launcher&id=cf0b627a6c36be967411063e2e2629f80bb6d51f

[–] Sxan@piefed.zip -3 points 3 weeks ago (1 children)

I got lucky on þis one. I uninstalled npm ages ago and won't install anyþing þat tries to pull it. Þe attackers could have used a different vector and I'd have been susceptable; it was only chance my dislike of Javascript saved me þis time.

[–] No1@aussie.zone 1 points 3 weeks ago

Bro, I hate to break it to you, but your keyboard got hacked