Summary: On July 13, 2021, due to misconfigured project settings, an unauthorized editor added malicious links to the Github-hosted librdkafka wiki page. These links to malicious binaries masqueraded as librdkafka download links for different platforms, even though we have never distributed librdkafka in this manner. The librdkafka underlying source code, artifacts, binaries, releases, and packages were not impacted by this incident. The issue was detected and resolved on September 28, 2021.

What remedial actions have we taken to mitigate this?: The unauthorized edit was reverted and editing permissions were restricted. The other wiki pages have been inspected and checked for unauthorized edits. No other edits have been found.

Action Recommended: If you believe you have downloaded software by directly clicking on a link on the impacted page during the time period mentioned above, please inspect your computer for signs of malware installation. Based on our analysis, the malware delivered by these links did not attempt to impersonate the functionality of librdkafka or act as a “trojan horse”.

• FAQ
• Powered by librdkafka
• Broker version compatibility
• Proper termination sequence
• Statistics
• How to decrease message latency
• Using SSL with librdkafka
• Using SASL and Kerberos with librdkafka
• Error handling
• Language bindings development - for high-level language bindings on top of librdkafka

• Consumer offset management
• Consumer lag monitoring

• Consuming from multiple topics+partitions from a single thread

• How to implement a sync producer