Over 900 Arch Linux Packages Infected with infostealers and rootkits
fortran77
20 points
3 comments
June 12, 2026
Related Discussions
Found 5 related stories in 105.7ms across 10,324 title embeddings via pgvector HNSW
- AUR packages compromised with Infostealer and Rootkit keyle · 283 pts · June 12, 2026 · 78% similar
- Arch Linux's AUR Sees More Than 400 Packages Compromised with Malware spiros · 32 pts · June 12, 2026 · 77% similar
- Over 400 Malicious packages found in Arch AUR Hydrocarb0n · 11 pts · June 12, 2026 · 76% similar
- There is a bunch of malware being spotted in the AUR Velocifyer · 13 pts · June 11, 2026 · 72% similar
- For the 2nd time in weeks, Microsoft packages laced with credential stealer cdrnsf · 40 pts · June 08, 2026 · 50% similar
Discussion Highlights (2 comments)
mdlxxv
Very misleading title. AUR "recipes" are NOT official Arch Linux packages. Basically anyone can upload stuff to the AUR. Users are expected to read and understand the AUR PKGBUILDs before trying to build them.
WalterGR
https://news.ycombinator.com/item?id=48500447 “AUR packages compromised with Infostealer and Rootkit” (ifin.network) 257 points | 15 hours ago | 189 comments