Seems the installers hosted by them are fine. The links on the site have been changed to direct people towards Cloudflare R2 storage with various copies of malicious executables.
Looking forward to information down the line on how this came about.
Seems the installers hosted by them are fine. The links on the site have been changed to direct people towards Cloudflare R2 storage with various copies of malicious executables.
Looking forward to information down the line on how this came about.
Not exactly a supply chain compromise, as devs should be smart enough to update via a package manager such as winget and chocolatey, but it certainly fits for a watering hole attack.
I suppose one could view it as a supply-chain compromise of an alternate chain that's very short.