Comment by cherrycreek00
7 days ago
Am I understanding right that machines without npm aren't affected by this particular strain?
The headline got my heart going pretty good this morning.
7 days ago
Am I understanding right that machines without npm aren't affected by this particular strain?
The headline got my heart going pretty good this morning.
The PKGBUILD files specified npm as a dependency, so it would've been installed prior to installing the malicious file, so not having npm is by no means a guarantee.
There is a link to a shell script in the article to check if you have any impacted package installed.