They’re not even that stealthy. The code is bullshit, gitignore folder is super suspicious and malware is just a binary within the zip file. Clearly meant for script kiddies.

Yep, noticed that too. @jerry should file a bug report. Is this issue present on other instances or just infosec.pub?

There is PR dealing with scheduled tasks which might be related: https://github.com/LemmyNet/lemmy/pull/3090 , but someone needs to check server logs to figure it out.

With all of the embarrassing command injections they keep getting, Fortinet should assess their SOC and incident preparedness and find compromises that may lie hidden by calling their own Security Advisory Services.