It already is pretty rampant, however most Linux admins have minimal if any detection strategy.

Additionally, while there’s plenty of binaries about like VoidLink, almost all campaigns against Linux hosts target SSH, or RCE vulnerabilities, and deliver shell scripts that orchestrate the attack.

Why compile a binary when the shell has everything you need? The threat models are pretty different between Windows and the *nix world.

When you look at botnet composition, they’re usually made up of outdated Linux hosts with SSH open with password-based authentication.

Seriously people, switch to key-based auth and disable password auth entirely.

X11 isn’t Linux… Linux is excellent for backwards compatibility. Can’t say the same about userspace though.

It does work but if you’re using Wayland, it won’t. But one would be rather silly to expect an X11/Xlib tool to work without X11.

And don’t drink spirits. Keep your drinks to lower alcohol percentages (e.g. beer) so you can control your intake and moderate how quickly you get drunk and how drunk you get.

And if you start to notice you’re struggling with basic motor skills (using your hands, walking, standing, etc) it’s time to stop and switch to water. And maybe eat some carbohydrates and fats.

Only the probability of the next token after tokenisation of it.

When young, want grow up. When grow up, want be young. Simples.

1, 2, 3, 10, 11, 12, 13, 20, 21, 22, 23, 30…

You wouldn’t be surprised to see him in the files? I think you mean “yes” you would (since it would make zero sense).

This is how I feel every time I use Docker.

I’d rather a Mac than a Windows box. At least you get a proper shell (zsh or bash - zsh is the default now I think), python installed by default, can install package managers (macports, brew), can get coreutils, etc and most FOSS software from the Linux world runs since macs are UNIX at heart.

I’m pretty sure cd isn’t even coreutils but implemented by shells as a wrapper for chdir/fchdir which is part of the kernel. Which has always bugged me since you can’t reliably pipe or redirect to cd since shells do things differently; it doesn’t handle stdin or the last component of a command runs in a subshell so doesn’t affect your current shell, blah blah.

Or S is a straitjacket for TempleOS users

CVEs don’t get issued “resolved” statuses… They are either reserved, published, or rejected (technically NVD have a few extra for published). That’s just junk data in that tool you’re using. Use authoritative sources like cve.org or nvd.nist.gov.

You can see the CPEs on NVD and they’re old versions of Plex (and were old when the vulns were published).

You’re aware those CVEs are only relevant for ancient versions of Plex and were fixed long ago?

You’re going to need to back up your claim otherwise you might as well be lying as there’s no CVE like this I can find nor any public disclosure.

Plex have a bug bounty program and a responsive security team too.

Post your security report.

Not with that attitude!

And wasn’t the makeup to hide chlamydia / syphilis etc?

No virus or ransomware? Also nonsense. BERT, Pay2Key, Helldown are but a few examples of ransomwares that target Linux.

Both faster_log and async_println were purely malicious packages (not taken over and turned malicious).

I know faster_log is typosquatting / luring fast_log users but I’m not sure about about async_println (which was a clone of the malicious faster_log).

async_std::print is a thing so I guess trying to lure users who search crates before docs :shrug:

Both were impersonating fast_log.

Valheim