Storia in 9 fonti

Arch Linux locks down AUR signups amid wave of malicious commits

Community repo freezes new accounts after attackers swamp it with poisoned package updates

Raccontata dableepingcomputer.comthehackernews.comdev.toilsoftware.ittheregister.comhwupgrade.itsecurityweek.comthenextweb.comzdnet.com

Confronto fonti

6 prospettive sulla stessa storia

AI · summaries

theregister.comStai leggendo1 g fa

Arch Linux locks down AUR signups amid wave of malicious commits

Community repo freezes new accounts after attackers swamp it with poisoned package updates

originale

thenextweb.com23 h fa

Arch Linux AUR hit by malware targeting developer secrets

Attackers hijacked over 1,500 packages in Arch Linux's AUR to plant a credential stealer. The official repos are safe, but the trust model took the hit.

Leggi questa versione → originale

securityweek.com1 g fa

Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

At least 1,500 malicious packages were published to the Arch User Repository (AUR) as part of the Atomic Arch supply chain attack.

Leggi questa versione → originale

hwupgrade.it1 g fa

Arch Linux: oltre 1.900 pacchetti AUR infettati da malware in pochi giorni

L'Arch User Repository (AUR) di Arch Linux � finito nel mirino di un attacco su larga scala: un malware nascosto negli script di installazione ha compromesso oltre 1.900 pacchetti nel giro di pochi giorni. Il team del…

Leggi questa versione → originale

zdnet.com3 h fa

Malicious apps got into the Arch User Repository - how to protect yourself

For the second time in a week, the AUR was found to contain malicious applications. What can Arch Linux users do about this?

Leggi questa versione → originale

bleepingcomputer.com4 g fa

Over 400 Arch Linux packages compromised to push rootkit, infostealer

More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens.

Leggi questa versione → originale

Timeline cronologica

1. venerdì 12 giugno 2026·bleepingcomputer.com
   

   Over 400 Arch Linux packages compromised to push rootkit, infostealer

   More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens.

2. venerdì 12 giugno 2026·thehackernews.com
   

   Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

   Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root systems.

3. sabato 13 giugno 2026·dev.to
   

   Arch Linux Supply Chain Malware, repo-slopscore & AI Model Security Concerns

   Arch Linux Supply Chain Malware, repo-slopscore & AI Model Security Concerns ...

4. lunedì 15 giugno 2026·ilsoftware.it
   

   Arch Linux affronta una nuova ondata di malware sempre più sofisticata

   Una vasta campagna malware ha colpito l'AUR di Arch Linux compromettendo centinaia di pacchetti e rubando credenziali.

5. lunedì 15 giugno 2026·theregister.com
   

   Arch Linux locks down AUR signups amid wave of malicious commits

   Community repo freezes new accounts after attackers swamp it with poisoned package updates

6. martedì 16 giugno 2026·hwupgrade.it
   

   Arch Linux: oltre 1.900 pacchetti AUR infettati da malware in pochi giorni

   L'Arch User Repository (AUR) di Arch Linux � finito nel mirino di un attacco su larga scala: un malware nascosto negli script di installazione ha compromesso oltre 1.900 pacchetti…

7. martedì 16 giugno 2026·securityweek.com
   

   Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages

   At least 1,500 malicious packages were published to the Arch User Repository (AUR) as part of the Atomic Arch supply chain attack.

8. martedì 16 giugno 2026·thenextweb.com
   

   Arch Linux AUR hit by malware targeting developer secrets

   Attackers hijacked over 1,500 packages in Arch Linux's AUR to plant a credential stealer. The official repos are safe, but the trust model took the hit.

9. mercoledì 17 giugno 2026·zdnet.com
   

   Malicious apps got into the Arch User Repository - how to protect yourself

   For the second time in a week, the AUR was found to contain malicious applications. What can Arch Linux users do about this?