Security: OpenImaj nexus instance appears compromised #166
I strongly suspect that the OpenImaj Maven server is compromised and serving counterfeit artifacts under dozens of org namespaces.
I discovered this by reading Artifactory request logs; local publish was failing because Artifactory would discover (and download) files from
These are not duplicates or copies - the extensions are SHAs and asc signatures, but the contents show code injection/adware.
From what I can tell, it's not our instance that's been compromised, but rather our Nexus was proxying a remote repo that had been compromised :(
I believe I've fixed the immediate problem by disabling all the proxied repositories - I'll hunt through to try and figure out which one was causing the problems. In the meantime, maven.openimaj.org will only contain the openimaj jars, but none of the external dependencies (although hopefully most of them are available on central anyway).
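
The symptom reported above (files with checksum and `.asc` extensions whose contents are not checksums or signatures) can be checked for in a local repository cache or proxy storage directory. This is an added example, not code from this issue or from the OpenIMAJ project; the directory layout and file contents are constructed, and it assumes the digest is the first token of a checksum file.

```python
import hashlib, re, tempfile
from pathlib import Path

DIGEST_HEX_LEN = {".md5": 32, ".sha1": 40, ".sha256": 64, ".sha512": 128}
PGP_ARMOR = b"-----BEGIN PGP SIGNATURE-----"

def check_sidecar(path):
    """Return a finding for one checksum/signature sidecar, or None if it looks sane."""
    data, ext = path.read_bytes(), path.suffix.lower()
    if ext == ".asc":  # detached signature: must be PGP armor, not HTML or script
        return None if data.lstrip().startswith(PGP_ARMOR) else "not-pgp-armor"
    tokens = data.split()
    # Assumption: the digest is the first token ("<hex>" or "<hex>  <filename>").
    if not tokens or not re.fullmatch(rb"[0-9a-fA-F]{%d}" % DIGEST_HEX_LEN[ext], tokens[0]):
        return "not-a-digest"
    artifact = path.with_suffix("")  # foo-1.0.jar.sha1 -> foo-1.0.jar
    if artifact.is_file():  # when the artifact is present, the digest must match it
        actual = hashlib.new(ext[1:], artifact.read_bytes()).hexdigest()
        if actual != tokens[0].decode().lower():
            return "digest-mismatch"
    return None

def scan(root):
    """Map relative sidecar path -> finding for every suspicious sidecar under root."""
    root, findings = Path(root), {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.suffix.lower() in (*DIGEST_HEX_LEN, ".asc"):
            finding = check_sidecar(p)
            if finding:
                findings[p.relative_to(root).as_posix()] = finding
    return findings

def demo():
    """Run scan() over a constructed repository tree (sample data, not from the report)."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp, "org", "example", "lib", "1.0")
        d.mkdir(parents=True)
        jar = b"constructed jar bytes"
        (d / "lib-1.0.jar").write_bytes(jar)
        (d / "lib-1.0.jar.sha1").write_text(hashlib.sha1(jar).hexdigest())  # sane
        (d / "lib-1.0.jar.md5").write_text("0" * 32)  # well-formed but wrong digest
        (d / "lib-1.0.pom.sha1").write_text("<html><script>/* ad */</script></html>")
        (d / "lib-1.0.jar.asc").write_text("<html>not a signature</html>")
        return scan(tmp)

if __name__ == "__main__":
    for path, finding in demo().items():
        print(f"{finding:16} {path}")
```

A well-formed `.asc` file only passes the format check here; verifying the signature against a trusted key is a separate step.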