Post AuLS7UqseOwyvIKVCy by keepassxc@fosstodon.org
(DIR) More posts by keepassxc@fosstodon.org
(DIR) Post #AuJME1o03TPWp5nGvA by keepassxc@fosstodon.org
2025-05-21T06:47:39Z
4 likes, 21 repeats
🚨 *Attention!* We were made aware of a fake “KeePassXC Password Manager Pro” repository on GitHub that links to unverified external binary downloads.- There is NO Pro version of KeePassXC!- You get all the “Pro” features with the regular version. Please download KeePassXC only from trusted distribution channels linked on https://keepassxc.org/ !
(DIR) Post #AuJQczCbGpRHo0SNGa by keepassxc@fosstodon.org
2025-05-21T07:06:28Z
0 likes, 0 repeats
FYI: The "Download" link goes through I series of redirects with several obfuscated JavaScript pages in between. I didn't open it in a browser and therefore didn't spend the time to resolve the full chain to the final download, but the fact alone that these obfuscations are there speaks for itself.
(DIR) Post #AuJQd0XCJjVdwB6L0i by keepassxc@fosstodon.org
2025-05-21T07:13:09Z
4 likes, 1 repeats
GitHub took down the repository just now. It was up for 19 hours when we reported it. GitHub took action within roughly 2.5 hours, which was rather quick.
(DIR) Post #AuKnRz0i8Rt284Zsvo by 4lex4ndr4@infosec.exchange
2025-05-21T15:14:38Z
0 likes, 0 repeats
@keepassxc lol next gen encryption aes-256 ?Speaking of encryption any idea if (when) you will allow some kind of alpha for encryption that add quantum* resistance*where it may be necessary for encryption type and key that are vulnerable to quantum computers
(DIR) Post #AuKnS0509yufRfapG4 by keepassxc@fosstodon.org
2025-05-21T17:07:36Z
1 likes, 1 repeats
@4lex4ndr4 AES-256 is plenty post-quantum-secure.
(DIR) Post #AuLOd2B2OnYDRJXapE by eric@pl.starnix.network
2025-05-22T06:45:20.115078Z
0 likes, 0 repeats
@keepassxc KeePassXC Gold and KeePassXC Ultimate when
(DIR) Post #AuLS7UqseOwyvIKVCy by keepassxc@fosstodon.org
2025-05-22T07:11:05Z
4 likes, 3 repeats
@eric KeePassXC Plus subscription with ten new monthly passwords.
(DIR) Post #AuLpmP0PacHhbsGJoO by lminoza@piaille.fr
2025-05-21T07:12:52Z
0 likes, 0 repeats
@keepassxc It could be worse than just "we will make you pay for a free software developped by someone else" maybe…Do you think it could be related to the same sort of attack than against keepass ?https://www.bleepingcomputer.com/news/security/fake-keepass-password-manager-leads-to-esxi-ransomware-attack/
(DIR) Post #AuLpmPe7D02lb0q1hI by mangeurdenuage@shitposter.world
2025-05-22T11:49:31.862170Z
0 likes, 1 repeats
@lminoza @keepassxc >"we will make you pay for a free software developed by someone else"That is not an issue as long as the money is reinvested in the software or other free/libre software.
(DIR) Post #AuLpwckNM2AX7jdSq0 by mangeurdenuage@shitposter.world
2025-05-22T11:51:25.325775Z
0 likes, 1 repeats
@keepassxc Microsoft github and it's consequences are a disaster to the human species.
(DIR) Post #AuLq0PWKTLZ9GDs44O by keepassxc@fosstodon.org
2025-05-21T07:14:10Z
0 likes, 0 repeats
@lminoza Since there isn't any sort of payment involved, I would assume it's just some sort of malicious fork.
(DIR) Post #AuLq0QM5Muxxqk5Ok4 by mangeurdenuage@shitposter.world
2025-05-22T11:52:05.593762Z
0 likes, 1 repeats
@keepassxc @lminoza Stuff like that on fdroid was rampant at some point. More or less the case.