On 6/11/26 9:50 AM, Mark Wagie wrote: > A new Maintainer adopted gnome-randr-rust and added an install file with the > following: > > npm install atomic-lockfile yargs > > https://aur.archlinux.org/cgit/aur.git/commit/?h=gnome-randr- > rust&id=da9f4cf2d470bd603968ef605736285a2e0c8880 <https://aur.archlinux.org/ > cgit/aur.git/commit/?h=gnome-randr-rust&id=da9f4cf2d470bd603968ef605736285a2e0c8880>
More malware packages recently pushed: - fastjet - lowfi-bin - gnutls3.8.9 User: martinaritter Each of these had the malicious npm install atomic-lockfile added. Best Regards, AlphaLynx
OpenPGP_signature.asc
Description: PGP signature
OpenPGP_0x100ED08AC2F74784.asc
Description: application/pgp-keys
