xubuntu.org compromised
Thomas Ward
teward at thomas-ward.net
Mon Oct 20 02:39:09 UTC 2025
I already reached out to Canonical IS because they can shut the DNS if needed.
This was IS's reply via the ticket I opened.
Thanks for reporting this incident.
Our on-call engineer put an emergency redirect in place preventing access to the `/download` path after this was raised internally during the weekend, and we are now investigating the matter further.
Sent from my T-Mobile 5G Device
-------- Original message --------
From: Jeffrey Walton <noloader at gmail.com>
Date: 10/19/25 01:59 (GMT-05:00)
To: Andrea Corbellini <corbellini.andrea at gmail.com>
Cc: ubuntu-devel-discuss <ubuntu-devel-discuss at lists.ubuntu.com>
Subject: Re: xubuntu.org compromised
On Sun, Oct 19, 2025 at 12:27 AM Andrea Corbellini
<corbellini.andrea at gmail.com> wrote:
>
> The xubuntu.org download page is serving malware.
>
> Please see this email from arraybolt3 on the xubuntu-devel mailing list for details: https://lists.ubuntu.com/archives/xubuntu-devel/2025-October/012209.html
>
> This has been ongoing for several hours, hence sending on this mailing list too hoping that the right people can be notified.
>
> Whoever has some control over xubuntu.org, please take it offline as soon as possible.
You should probably email the Ubuntu and Xubuntu security teams. See
<https://wiki.ubuntu.com/SecurityTeam/Contacts>. I cannot find a
separate contact for the Xubuntu team.
Jeff
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss at lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20251020/a04c581d/attachment.html>
More information about the Ubuntu-devel-discuss
mailing list