The SSH daemon had been compromised and thus project passwords may have been exposed.
The potential problem is that any exposed code may have been hacked itself and thus, being honest, the entire repository becomes distrusted.
Also, the notifications are being distrusted as this is exactly the kind of message we are told to ignore •everyday•. Phishing it’s called.
It is a shame that the Open Source community has been attacked in this way. The service SourceForge have offered over the years is an excellent example of the IT community working cooperatively.
Google News (SourceForge Hack) 03/02/2011
Dictionary.Com (Phishing) 03/02/2011
Te Register (SourceForge Response) 03/02/2011
Softpedia (security) 03/02/2011
SourceForge ()blog 03/02/2011
Back to top
Good luck guys.
– Posted using BlogPress from my iPhone