[perihelions]

"Bleeping Computer" published screenshots of it (and also has some analysis),

https://www.bleepingcomputer.com/news/security/popular-coa-n...

[d3nj4l]

This should be a top-level comment, if not a post in its own right - it explained the entirety of the situation way better than TFA.

[strogonoff]

That post doesn’t say much about `coa`, besides “new versions started appearing and builds started failing”. The bug report linked from GitHub advisory does a good job of describing the issue, though: https://github.com/veged/coa/issues/99

[d3nj4l]

That's fair, but it describes the change in great detail, and makes it easier to figure out that the primary issue was only on Windows systems.

[isodev]

So if I’m reading this correctly, only Windows hosts are directly affected by the malware. On macOS and Linux one only needs to rollback to a healthy version of the package?