DigiNews

Summary

Phoronix reports that Arch Linux's AUR was breached by a malware campaign, compromising over 400 user-submitted packages. Maintainers are resetting/deleting malicious content and banning affected accounts; a later update indicates the incident impacted more packages than initially thought. The event underscores supply chain risks in open-source repositories and the importance of rapid incident response and integrity checks for package ecosystems.