Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation

A new supply chain attack campaign is quietly targeting developers through a method most would never think to look for. Hidden inside software packages on GitHub, a malicious script downloads a Linux binary during installation and disguises it using a filename designed to look like a standard system

Source: Cybersecurity News