Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenMandriva Linux project hit by cyberattack

Incident
First reported
Last updated
Happening score
H score 32
1 unique sources, 1 articles

Summary

Hide ▲

The OpenMandriva Linux project is recovering from an attempted internal sabotage that deleted repositories and published an empty package that could have damaged user systems. The destructive changes hit GitHub and the Cooker development branch, affecting GNOME and Cosmic packages. The project is restoring content and running a full system audit to check for more unauthorized changes.

Related Happenings

North Korean Contagious Interview PolinRider supply-chain campaign

Campaign
H score51 First: 04.07.2026 14:17 Last: 04.07.2026 14:17 Sources 1

About this happening: The **Contagious Interview / PolinRider** campaign is still active, with **108 unique packages and browser extensions** published across **npm, Packagist, Go, and Google Chrome**....

Atomic-lockfile rootkit-infostealer distribution through AUR packages

Malware Activity
H score3 First: 12.06.2026 20:03 Last: 12.06.2026 20:03 Sources 1

About this happening: **AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...

AUR package-hijacking campaign delivering atomic-lockfile

Campaign
H score11 First: 12.06.2026 20:03 Last: 12.06.2026 20:03 Sources 1

About this happening: **AUR package-hijacking campaign** is abusing **more than 400** compromised **Arch User Repository (AUR)** packages to deliver **atomic-lockfile**, turning the **AUR** build path...

IronWorm npm supply-chain infection and self-propagation

Malware Activity
H score15 First: 04.06.2026 18:25 Last: 04.06.2026 18:25 Sources 1

About this happening: **IronWorm** is a **Rust** infostealer in a **npm supply-chain** activity that hides behind an **eBPF kernel rootkit**, communicates over **Tor**, and targets **86 environment var...

Asteroiddao hit by network compromise

Incident
H score13 First: 04.06.2026 18:25 Last: 04.06.2026 18:25 Sources 1

About this happening: **asteroiddao** suffered a compromised-account incident that let malicious npm package versions and repository commits seed a wider **supply-chain attack**. The account was used t...

Timeline

  1. 10.07.2026 01:14 2 articles · 1h ago

    OpenMandriva Linux says contributor dispute led to attempted internal sabotage

    Initial Disclosure

    OpenMandriva Linux said it was targeted by an attempted internal sabotage after a dispute among contributors, with destructive changes including deletion of GitHub repositories and publication of an empty package in Cooker that could have affected users' systems; the project said it is restoring deleted repositories and packages and conducting a full system audit.

    Show sources