The Hacker News

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016 ...
The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root ...

Amateur hacker used Claude and OpenAI agents to hack 14 companies

An inexperienced hacker managed to compromise over a dozen companies using AI agents to do most of the work, raising real ...
SomeOrdinaryGamers on MSN

I dodged a massive hack – Linux users just walked into a supply-chain nightmare

A major Linux package scare just exposed how dangerous trust-based software ecosystems can get when abandoned packages fall ...
The Next Web

Attackers hijacked over 1,500 Arch Linux packages to steal developers’ secrets, no hacking required

Attackers hijacked over 1,500 packages in Arch Linux's AUR to plant a credential stealer. The official repos are safe, but the trust model took the hit.
ZDNet

Linux Foundation's trust scorecards aim to battle rising open-source security threats

Open-source code has become a malware vector. For example, by the closest of shaves, an open-source developer discovered that Jia Tan, a chief programmer and maintainer of the Linux xz data ...