Open Source

31114 readers

1 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml

194

Over 100,000 Infected Repos Found on GitHub (apiiro.com)

submitted 1 year ago by Zerush@lemmy.ml to c/opensource@lemmy.ml

26 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Amaterasu@lemmy.world 15 points 1 year ago* (last edited 1 year ago) (5 children)

Do we see this very often with APK repos? I mean, for those using Obtainium to download apps from Github can one get malware via malicious apks?

[–] erAck@discuss.tchncs.de 2 points 1 year ago

If you installed the original legit package it can't be updated with such fake one (without uninstalling and installing the bad one) as the signatures won't match. If you initially install the bad package then yes of course.

load more comments (4 replies)