Note on timelines: The security exper’s analysis indicates the attack ceased on November 10, 2025, while the hosting provider’s statement shows potential attacker access until December 2, 2025. Based on both assessment, I estimate the overall compromise period spanned from June through December 2, 2025, when all attacker access was definitively terminated.
I’m only aware of the one (somewhat extended) time described in the article. The dev(s?) has been upfront about what happened and provided updates as they learned more information, hence multiple headlines on the subject.
With these changes and reinforcements, I believe the situation has been fully resolved. Fingers crossed.
I’m only aware of the one (somewhat extended) time described in the article. The dev(s?) has been upfront about what happened and provided updates as they learned more information, hence multiple headlines on the subject.