this post was submitted on 13 Jun 2026
41 points (100.0% liked)

Arch Linux

289 readers
1 users here now

Discussion community about the Arch Linux distro.

Wiki : https://wiki.archlinux.org/

Site : https://archlinux.org/

Packages : https://archlinux.org/packages/

GitLab : https://gitlab.archlinux.org/archlinux

Downloads : https://archlinux.org/download/

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Infernal_pizza@lemmy.dbzer0.com 2 points 3 weeks ago (2 children)

Is this newly submitted packages which are malware, or existing packages which had malware introduced to them? And is there a list of affected packages anywhere?

[–] diverging@piefed.social 8 points 3 weeks ago (1 children)

It looks like they were existing packages.

List here: https://cscs.pastes.sh/raw/aurvulnlist20260611.txt

Got that from: https://discuss.cachyos.org/t/aur-compromised-1500-packages-affected-20260611/31040
They have a script that can check if you have any of them.

[–] Infernal_pizza@lemmy.dbzer0.com 4 points 3 weeks ago

Thanks, looks like I'm ok

[–] fistac0rpse@fedia.io 4 points 3 weeks ago

They're existing packages that were abandoned by the original authors and then had ownership claimed by malicious parties