104
Active AUR malicious packages incident (archlinux.org)
submitted 1 day ago by nemeski@mander.xyz to c/linux@programming.dev
27 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] patlefort@lemmy.world 2 points 1 day ago

It also had an install script that will be run as root when the package is installed. Can't sandbox that.

this post was submitted on 12 Jun 2026
104 points (100.0% liked)

Linux

13931 readers
429 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev