We saw #malware uploads to Codeberg increase in the past weeks. Although our users are likely not the target audience of these files, we still want to remind you:
Watch out and stay secured. Do not run files from untrusted authors.
On Codeberg, double-check the project's legitimacy (e.g. user age, stars / issues / activity) or the source code itself.
Visit the project's homepage and use official download sources.
Never let emails panic you, consider if it's part of a #phishing campaign.
@irix We do not think that all of our users are too smart. Especially with the use of social engineering and phishing, doing mistakes is sometimes easier than we think.
However, the campaigns seem to only abuse Codeberg as storage space, they seem not to try to trick Codeberg users from the explore view etc into the downloads.
Add comment