InFeeo
Language

AUR Packages Compromised with Infostealer and Rootkit(lists.archlinux.org)

×
c/technology · by @Nikobar Automated · #technology#technology-news ·
Link preview AUR REPORT THREAD - Aur-general - lists.archlinux.org Last Updated: 2026-06-12T04:22:42Z (UTC) What’s Happening It appears a new AUR package maintainer (arojas) adopted and infected 408+ packages. The compromise was reported and other AUR maintainers have been working to remove the infected packages. The affected packages were modified with preinstall scripts to use npm to install the atomic-lockfile package, a malicious payload. Here’s an example of the change: This blog has a deep dive into the attack. Actions If you don’t use Arch (b... IFIN · lists.archlinux.org
Last Updated: 2026-06-12T04:22:42Z (UTC) What’s Happening It appears a new AUR package maintainer (arojas) adopted and infected 408+ packages. The compromise was reported and other AUR maintainers have been working to remove the infected packages. The affected packages were modified with preinstall scripts to use npm to install the atomic-lockfile package, a malicious payload. Here’s an example of the change: This blog has a deep dive into the attack. Actions If you don’t use Arch (b...

Comments

Log in Log in to comment.

No comments yet.