alt Hacker NewsThe internal auto updater of the app directly use github as source, was this also compromised ? If malware was only on some random apkmirror upload then it should probably be fine for most users.
The internal auto updater of the app directly use github as source, was this also compromised ? If malware was only on some random apkmirror upload then it should probably be fine for most users.
Apparently, yes. My guess is it was the Shai-hulud npm malware leaking their Github keys.