Malware in Arch Linux AURs inserts Russian spam into shell configs
Summary
An Arch Linux AUR thread describes malware activity that injects spam into shell startup files via malicious AUR commits. The community is actively cleaning malicious commits, banning offending accounts, and coordinating with maintainers. This highlights Linux package ecosystem risks and the need for rapid incident response and vetting of user-contributed packages.