DigiNews

Summary

A CachyOS forum thread reports a large-scale compromise of the Arch User Repository (AUR), with 1,500+ packages affected by malware. The discussion emphasizes that AUR is open and not officially secured, recommends reviewing PKGBUILDs, and provides scripts and commands to detect potentially infected packages, while noting that such checks are advisory and may yield false positives.