Bleeping Computer

Malware Found in Arch Linux AUR Package Repository

Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been ...
Network World

App stores and Linux repositories: Maybe the worst ideas ever

Linux software repositories have many benefits. But, like what happens in app stores, companies end support for them and your system stops getting updates. Eight years ago, Nokia released a ...
Linux Journal

The Evolution of Linux Package Management and Its Impact on Modern Computing

If you’ve ever used a modern Linux distribution, you’ve likely experienced the convenience of installing and updating software with a single command. Package managers, the tools behind this ease of ...
Dark Reading

Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems

Public repositories of open source code are a critical part of the software supply chain that many organizations use to build applications. They are therefore an attractive target for adversaries ...
PC World

Ubuntu, ownCloud, and a hidden dark side of Linux software repositories

The version of ownCloud in Ubuntu’s Universe repositories is old and full of “multiple critical security vulnerabilities.” It’s no secret. The ownCloud project itself asked Ubuntu to remove it so ...
Bleeping Computer

Ubuntu 'command-not-found' tool can be abused to spread malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. The ...