AUR was considered a looming security threat.
A wave of malicious commits hit the Arch User Repository (AUR) over the weekend, prompting the team to disable new account ...
Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root ...
Looks like the Arch Linux AUR (Arch User Repository) needs some better security and package checks - as some malicious users ...
Oh dear, the situation with the Arch Linux AUR got a fair bit worse since GamingOnLinux initially covered the malicious ...
An AUR supply chain attack compromised more than 400 Arch Linux packages from 11 June 2026, planting a Rust credential ...
At least 1,500 malicious packages were published to the Arch User Repository (AUR) as part of the Atomic Arch supply chain ...
How-To Geek on MSN
I tested 9 Arch-based Linux distros, here's how I rank them
I've run Arch nine different ways, BTW.
Malicious apps got into the Arch User Repository - how to protect yourself ...
Attackers hijacked over 1,500 packages in Arch Linux's AUR to plant a credential stealer. The official repos are safe, but the trust model took the hit.
Arch Linux defends itself against a wave of attacks that have massively contaminated package descriptions in the unofficial Arch User Repository with malware.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results