"Numerous orgs hacked after installing weaponized open source apps" (PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording)
@momar @lupyuen But on Linux, you generally use a package manager, so there is not this kind of risk. If you need to install an application that is still not in your package repository, you verify the source too. This is a problem of basic security education among Windows users, and an attempt by Microsoft to discredit open source software, if there is any proof this really happened ^^.
@lupyuen “ZINC—Microsoft’s name for a threat actor group also called Lazarus” <= Microsoft, who say “don’t install open source software, that’s dangerous”… Is it really a reliable source or not??? ^^. At least it seems it is only enabled on the Windows versions of this open source software, and the source of these binaries is not given, so it is impossible to know which servers provide them… without verifying the source/checksums.