Zerush@lemmy.ml to Open Source@lemmy.ml · 9 months agoOver 100,000 Infected Repos Found on GitHubapiiro.comexternal-linkmessage-square26fedilinkarrow-up1207arrow-down14cross-posted to: hackernews@lemmy.smeargle.fans
arrow-up1203arrow-down1external-linkOver 100,000 Infected Repos Found on GitHubapiiro.comZerush@lemmy.ml to Open Source@lemmy.ml · 9 months agomessage-square26fedilinkcross-posted to: hackernews@lemmy.smeargle.fans
minus-squareerAckAlinkfedilinkarrow-up2·9 months agoIf you installed the original legit package it can’t be updated with such fake one (without uninstalling and installing the bad one) as the signatures won’t match. If you initially install the bad package then yes of course.
If you installed the original legit package it can’t be updated with such fake one (without uninstalling and installing the bad one) as the signatures won’t match. If you initially install the bad package then yes of course.