On 6/11/26 19:47, Jonathan Grotelüschen wrote:
Hi everyone,we’re working hard to reset/delete all malicious commits and ban the accounts.If you find more malicious packages, please **send them as a reply to this email** to keep them all in one thread.
Hi more packages infected with the new bun js-digest attack: - ruby-oauth - ruby-activerecord - ruby-activemodel - ruby-thread_safeThey all use different AUR accounts which I assume are all malicious as well.
Thanks for cleaning this up!
Thanks! -- tippfehlr
Cheers, Mario
OpenPGP_signature.asc
Description: OpenPGP digital signature
