Source: Research Snipers
“Arch Linux continues to struggle with a large-scale malware wave in its user repository AUR (Arch User Repository). This is currently literally flooded with malware. The attack continues and becomes more sophisticated. After the developers behind the Linux distribution initially assumed that they had brought the security incident under control with more than 1,500 affected packages in which malicious code was integrated, further manipulated code submissions have now been discovered. … The incident once again raises questions about the security of the AUR. Unlike the official Arch Linux package sources, the repository is maintained by users who can provide their own software packages there. Given the repeated findings, some observers are calling for additional protective measures or even a temporary shutdown of the service until more effective security controls can be put in place.” (06/15/26)
https://researchsnipers.com/major-attack-on-arch-linux-massive-malware-injection-into-the-aur/