Skip to main content

Snap store from Canonical hit with malicious apps https://www.gamingonlinux.com/2023/10/snap-store-from-canonical-hit-with-malicious-apps/

#Ubuntu #Snap #Canonical

Snap store from Canonical hit with malicious apps

Canonical are currently dealing with a security incident with the Snap store, after users noticed multiple fake apps were uploaded so temporary limits have been put in place.
Liam Dawe (GamingOnLinux)
#ubuntu #canonical #snap
in reply to Liam @ GamingOnLinux 🐧🎮

Antifa Franklin 🇵🇸
Antifa Franklin 🇵🇸
linux must be getting popular with the amount of malware and security problems. The year of the linux desktop is finally upon us inshallah
in reply to Liam @ GamingOnLinux 🐧🎮

dbat :godot: (Viva Ukraine)
dbat :godot: (Viva Ukraine)

Hoo-boy, super dodgy.

I use Ubuntu, but the snap store thing is so ... smelly. Just look at the comments on the apps available. They are such a toxic vector and now it looks like the apps themselves are going toxic too.

What's the solution? Ubuntu has to work harder on behalf of users; but that's easy to say.

Even the big $$ companies like MS, Steam, Google and on-and-on, can't get their stores under control.

in reply to Liam @ GamingOnLinux 🐧🎮

Brodie Robertson
Brodie Robertson
I'm not sure how a single author uploading 3 different apps from 3 competing products on the same day didn't set off any alarm bells.
in reply to Liam @ GamingOnLinux 🐧🎮

Michal Špondr
Michal Špondr
Almost all Electron apps have the *critical* CVE-2023-4863 problem.
https://snyk.io/blog/critical-webp-0-day-cve-2023-4863/

Critical WebP 0-day security CVE-2023-4863 impacts wider software ecosystem

CVE-2023-4863 vulnerability identified in the WebP library `libwebp` extends to more than just browsers - Learn how to find and fix this critical vulnerability with Snyk
Brian Clark (Snyk)

Lo, thar be cookies on this site to keep track of your login. By clicking 'okay', you are CONSENTING to this.