fix: linting issues, spelling and broken links

Author: yfolias

community/catalog/compromises/2003/gentoo-rsync.md

@@ -16,4 +16,4 @@ responsible for serving package sources to users.
 
 ## References
 
-- https://archives.gentoo.org/gentoo-announce/message/7b0581416ddd91522c14513cb789f17a
+- [Gentoo Linux server compromised](https://www.zdnet.com/article/gentoo-linux-server-compromised/)

community/catalog/compromises/2025/changed-files.md

@@ -1,3 +1,5 @@
+<!-- cSpell:ignore exfiltrated GHSA mrrh -->
+
 # tj-actions/changed-files GitHub Action Compromise
 
 In March 2025, attackers compromised the popular GitHub Action

community/catalog/compromises/2025/ghost-action.md

@@ -27,4 +27,4 @@ and publish software.
 
 ## References
 
-- [The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows](https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/)
+- [The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows](https://blog.gitguardian.com/ghostaction-campaign-3-325-secrets-stolen/)

community/catalog/compromises/2025/npm-ecosystem.md

@@ -1,3 +1,5 @@
+<!-- cSpell:ignore Shai Hulud Shai hulud -->
+
 # Widespread npm Ecosystem Supply Chain Attack
 
 The Widespread npm Supply Chain Attack, which began around September 8, 2025,
@@ -30,4 +32,4 @@ push malicious versions of legitimate packages.
 - [Ongoing Supply Chain Attack Involving npm Packages](https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-093)
 - [Shai-hulud supply chain attack spreads token-stealing malware on npm](https://www.reversinglabs.com/blog/shai-hulud-worm-npm)
 - [npm Chalk and Debug Packages Hit in Software Supply Chain Attack](https://www.sonatype.com/blog/npm-chalk-and-debug-packages-hit-in-software-supply-chain-attack)
-- [Another npm Supply Chain Attack: The 'is' Package Compromise](https://www.stepsecurity.io/blog/another-npm-supply-chain-attack-the-is-package-compromise)
+- [Another npm Supply Chain Attack: The 'is' Package Compromise](https://www.stepsecurity.io/blog/another-npm-supply-chain-attack-the-is-package-compromise)

community/catalog/compromises/2025/nx-platform.md

@@ -1,3 +1,5 @@
+<!-- cSpell:ignore ngularity exfiltrated -->
+
 # The Nx s1ngularity Attack Leading to Credentials Leak
 
 On August 26, 2025, attackers released malicious versions of the nx and @nx/*
@@ -30,4 +32,4 @@ compromise.
 
 - [Serious NX build compromise - what you need to know about the s1ngularity attack](https://www.kaspersky.com/blog/nx-build-s1ngularity-supply-chain-attack/54223/)
 - [The Nx "s1ngularity" Attack: Inside the Credential Leak](https://blog.gitguardian.com/the-nx-s1ngularity-attack-inside-the-credential-leak/)
-- [s1ngularity Nx Supply Chain Attack: AI-Driven Credential Theft & Mass Exposure](https://hivepro.com/threat-advisory/s1ngularity-nx-supply-chain-attack-ai-driven-credential-theft-mass-exposure/)
+- [s1ngularity Nx Supply Chain Attack: AI-Driven Credential Theft & Mass Exposure](https://hivepro.com/threat-advisory/s1ngularity-nx-supply-chain-attack-ai-driven-credential-theft-mass-exposure/)

community/catalog/compromises/2025/oracle-cloud.md

@@ -1,3 +1,5 @@
+<!-- cSpell:ignore Exfiltrated exfiltrated -->
+
 # Oracle Cloud SSO and Identity Infrastructure Compromise
 
 The Oracle Cloud data breach, publicly disclosed around March 21, 2025, involved
@@ -39,4 +41,4 @@ critical part of its service publishing and access layer.
 
 - [CloudSEK – The Biggest Supply Chain Hack of 2025: 6M Records Exfiltrated from Oracle Cloud](https://www.cloudsek.com/blog/the-biggest-supply-chain-hack-of-2025-6m-records-for-sale-exfiltrated-from-oracle-cloud-affecting-over-140k-tenants)
 - [CVE-2021-35587 – Oracle Access Manager Remote Code Execution Vulnerability](https://nvd.nist.gov/vuln/detail/CVE-2021-35587)
-- [Oracle Cloud Breaches Lead to CISA Guidance and Lawsuits](https://www.americanbar.org/groups/health_law/news/2025/4/oracle-cloud-breaches-lead-to-cisa-guidance-lawsuits/)
+- [Oracle Cloud Breaches Lead to CISA Guidance and Lawsuits](https://www.americanbar.org/groups/health_law/news/2025/4/oracle-cloud-breaches-lead-to-cisa-guidance-lawsuits/)

community/catalog/compromises/2025/rh-gitlab-instance.md

@@ -1,3 +1,5 @@
+<!-- cSpell:ignore exfiltrated -->
+
 # Red Hat Consulting GitLab Instance Breach
 
 In October 2025, Red Hat confirmed a security breach affecting a self-hosted

community/catalog/compromises/README.md

@@ -8,7 +8,7 @@ The goal is not to catalog every known supply chain attack, but rather to captur
 many examples of different kinds of attack, so that we can better understand the
 patterns and develop best practices and tools.
 
-For definitions of each compromise type, please check out our [compromise definitions page](community/catalog/compromises/compromise-definitions.md)
+For definitions of each compromise type, please check out our [compromise definitions page](compromise-definitions.md)
 
 We welcome additions to this catalog by [filing an
 issue](https://github.com/cncf/tag-security/issues/new/choose) or [github pull
@@ -74,7 +74,7 @@ of compromise needs added, please include that as well.
 | [NPM reverse shells and data mining](2020/nodejs.md) | 2020 | Dev Tooling | [1](https://www.bleepingcomputer.com/news/security/npm-nukes-nodejs-malware-opening-windows-linux-reverse-shells/) |
 | [Binaries of the CLI for `monero` compromised](2019/monero.md) | 2019 | Publishing Infrastructure | [1](https://web.getmonero.org/2019/11/19/warning-compromised-binaries.html), [2](https://github.com/monero-project/monero/issues/6151), [3](https://web.archive.org/web/20230630012925/https://old.reddit.com/r/Monero/comments/dyfozs/security_warning_cli_binaries_available_on/) |
 | [Webmin backdoor](2019/webmin-backdoor.md) | 2019 | Dev Tooling | [1](https://www.zdnet.com/article/backdoor-found-in-webmin-a-popular-web-based-utility-for-managing-unix-servers/), [2](http://www.webmin.com/exploit.html) |
-| [purescript-npm](2019/purescript-npm.md) | 2019 | Source Code | [1](https://www.npmjs.com/advisories/1082) and [2](https://www.npmjs.com/advisories/1082) |
+| [purescript-npm](2019/purescript-npm.md) | 2019 | Source Code | [1](https://github.com/advisories/GHSA-jxf5-7x3j-8j9m) |
 | [electron-native-notify](2019/electron-native-notify.md) | 2019 | Source Code | [1](https://blog.npmjs.org/post/185397814280/plot-to-steal-cryptocurrency-foiled-by-the-npm), [2](https://komodoplatform.com/update-agama-vulnerability/)|
 | [PyPI typosquatting](2019/pypi.md) | 2019 | Negligence | [1](https://blog.reversinglabs.com/blog/suppy-chain-malware-detecting-malware-in-package-manager-repositories) |
 | [ROS build farm compromise](2019/ros.md) | 2019 | Trust and Signing <br>Publishing Infrastructure</br> | [1](https://discourse.ros.org/t/security-issue-on-ros-build-farm/9342/8), [2](https://discourse.ros.org/t/new-gpg-keys-deployed-for-packages-ros-org/9454) |
@@ -93,8 +93,8 @@ of compromise needs added, please include that as well.
 | [HandBrake](2017/handbrake.md) | 2017 | Publishing Infrastructure | [1](https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/05/handbrake-hacked-to-drop-new-variant-of-proton-malware/) |
 | [Kingslayer](2017/kingslayer.md) | 2017 | Publishing Infrastructure | [1](https://comsecglobal.com/kingslayer-a-supply-chain-attack/) |
 | [HackTask](2017/hacktask.md) | 2017 | Negligence | [1](https://securityintelligence.com/news/typosquatting-attack-puts-developers-at-risk-from-infected-javascript-packages/) |
-| [NotPetya](2017/notpetya.md) | 2017 | Attack Chaining | [1](https://www.welivesecurity.com/2017/07/04/analysis-of-telebots-cunning-backdoor/) |
-| [Bitcoin Gold](2017/bitcoingold.md) | 2017 | Source Code | [1](https://bitcoingold.org/critical-warning-nov-26/) |
+| [NotPetya](2017/notpetya.md) | 2017 | Attack Chaining | [1](https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/) |
+| [Bitcoin Gold](2017/bitcoingold.md) | 2017 | Source Code | [1](https://www.investopedia.com/news/bitcoin-gold-hack-shows-51-attack-real/) |
 | [ExpensiveWall](2017/expensivewall.md) | 2017 | Dev Tooling | [1](https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/), [2](https://research.checkpoint.com/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/) |
 | [OSX Elmedia player](2017/elmedia.md) | 2017 | Publishing infrastructure | [1](https://www.hackread.com/hackers-infect-mac-users-proton-malware-using-elmedia-player/) |
 | [GitHub password recovery issues](2016/gh-unicode.md) | 2016 | Dev Tool <br> Source Code </br> | [1](https://bounty.github.com/researchers/jagracey.html), [2](https://dev.to/jagracey/hacking-github-s-auth-with-unicode-s-turkish-dotless-i-460n) |
@@ -116,6 +116,6 @@ of compromise needs added, please include that as well.
 | [WordPress backdoor](2007/wordpress.md) | 2007 | Source Code <br> Publishing Infrastructure </br> | [1](https://lwn.net/Articles/224997/) |
 | [SquirrelMail backdoor](2007/squirrelmail.md) | 2007 | Source Code <br> Publishing Infrastructure | [1](https://lwn.net/Articles/262688/) |
 | [Linux Kernel CVS Repository Hack](2003/kernel-repository.md) | 2003 | Source Code <br> Dev Tooling | [1](https://lwn.net/Articles/57135/) |
-| [gentoo rsync compromise](2003/gentoo-rsync.md) | 2003 | Publishing Infrastructure | [1](https://archives.gentoo.org/gentoo-announce/message/7b0581416ddd91522c14513cb789f17a) |
+| [gentoo rsync compromise](2003/gentoo-rsync.md) | 2003 | Publishing Infrastructure | [1](https://www.zdnet.com/article/gentoo-linux-server-compromised/) |
 | [Debian infra compromise](2003/debian.md) | 2003 | Publishing infrastructure | [1](https://www.debian.org/News/2003/20031202) |
 | [Unix Support Group login backdoor](1975/login-bell.md) | 1975 | Dev Tooling | [1](https://niconiconi.neocities.org/posts/ken-thompson-really-did-launch-his-trusting-trust-trojan-attack-in-real-life/) |