Aur
400+ AUR Packages Compromised: atomic-lockfile npm Payload Drops Credential Stealer With eBPF Rootkit
Over 400 Arch User Repository packages were modified to pull a malicious npm package that deploys a developer-focused credential stealer with optional root-only eBPF rootkit capabilities.