There is a vulnerability in the Plasma desktop that KDE developers are currently working to patch. The details are here.
For the moment avoid downloading .desktop or .directory files and extracting archives from untrusted sources.
Also, if you discover a similar vulnerability, it is best to send an email firstname.lastname@example.org before making it public. This will give us time to patch it and keep users safe before the bad guys try to exploit it.
"Researcher did not notify KDE team" What a shit and what a strange excuse.
But please, make KDE safer and stay that way, because I really like it.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!