Mastodon Feed
brib@bribstodon.xyz ("brib :neofox_floof: :Nonbinary:") wrote:
Looks like
atomic-lockfile(the malicious package behind the AUR supply chain attack) finally got nixed by NPM.Still, the threat actor could easily spin up a new package. Stay vigilant, check your
PKGBUILDs