The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root ...
GamingOnLinux

The Arch Linux AUR had over 400 packages compromised with malware

Looks like the Arch Linux AUR (Arch User Repository) needs some better security and package checks - as some malicious users ...

Malicious apps got into the Arch User Repository - how to protect yourself

Malicious apps got into the Arch User Repository - how to protect yourself ...
latesthackingnews.com

Atomic Arch: 400+ AUR Packages Backdoored with eBPF Rootkit and Credential Stealer

An AUR supply chain attack compromised more than 400 Arch Linux packages from 11 June 2026, planting a Rust credential ...

Arch Linux locks down AUR signups amid wave of malicious commits

A wave of malicious commits hit the Arch User Repository (AUR) over the weekend, prompting the team to disable new account ...
SecurityWeek

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

At least 1,500 malicious packages were published to the Arch User Repository (AUR) as part of the Atomic Arch supply chain ...

Attack wave on Arch Linux: hundreds of package descriptions with malware in AUR

Arch Linux defends itself against a wave of attacks that have massively contaminated package descriptions in the unofficial Arch User Repository with malware.
Bleeping Computer

Malware Found in Arch Linux AUR Package Repository

The Arch Linux team has warned users for years about verifying each AUR package before installing it. The Arch Linux team is the second Linux distro that has found malware on its user-submitted ...