Bleeping Computer

Arch Linux pulls AUR packages that installed Chaos RAT malware

Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR), which were used to install the CHAOS remote access trojan (RAT) on Linux devices. The packages were named ...
PC World

Ubuntu, ownCloud, and a hidden dark side of Linux software repositories

The version of ownCloud in Ubuntu’s Universe repositories is old and full of “multiple critical security vulnerabilities.” It’s no secret. The ownCloud project itself asked Ubuntu to remove it so ...
ZDNet

Linux Foundation's trust scorecards aim to battle rising open-source security threats

Open-source code has become a malware vector. For example, by the closest of shaves, an open-source developer discovered that Jia Tan, a chief programmer and maintainer of the Linux xz data ...
Bleeping Computer

Kali Linux warns of update failures after losing repo signing key

Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. The announcement comes after OffSec lost the old repo signing ...
Ars Technica

Backdoor found in widely used Linux utility targets encrypted SSH connections

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. Because the backdoor was discovered ...