Hackers Inject Malicious Firefox Packages into Arch Linux Repository

Hackers Inject Malicious Firefox Packages into Arch Linux Repository

Introduction Cybersecurity researchers have discovered a sophisticated supply chain attack targeting Arch Linux users through malicious packages disguised as variants of the Firefox browser. On July 16, 2025, three infected packages containing Remote Access Trojan (RAT) malware were successfully uploaded to the Arch User Repository (AUR), and were detected and removed by the Arch Linux … Read more

Malicious Go Modules Exposed for Erasing Linux System Data

Malicious Go Modules Exposed for Erasing Linux System Data

The Socket Security Team has disclosed that attackers are implementing destructive supply chain attacks through carefully disguised Go modules, with malicious code capable of completely wiping Linux system disks and causing permanent data loss. Attack Technique Analysis Complete Path of Malicious Modules: <span>github.com/truthfulpharm/prototransform</span> <span>github.com/blankloggia/go-mcp</span> <span>github.com/steelpoor/tlsproxy</span> 1. Module Disguise Imitating legitimate library names (such as <span>go-mcp</span>, … Read more

Malicious npm Package Attacks Linux Developers to Install SSH Backdoors

Malicious npm Package Attacks Linux Developers to Install SSH Backdoors

Introduction A concerning new type of supply chain attack has emerged, targeting Linux developers working with the Telegram bot ecosystem. Discovered in early 2025, multiple malicious npm packages disguised themselves as legitimate Telegram bot libraries to provide SSH backdoors and steal sensitive data from unsuspecting developers. These domain-squatted packages accumulated approximately 300 downloads over several … Read more