A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
  • HaraldvonBlauzahn@feddit.orgEnglish
    2·
    18 hours ago

    Isn’t the issue then that the official Arch repositories don’t have many packages …?

    Not at all. The official Arch distribution has tens of thousands of packages and the user repository / AUR probably more than 100,000 .

    Edit: I looked it up:

    • According to distrowatch.com, the Arch Linux distribution has over 17,000 packges by now
    • Meanwhile, the number of packages in the Arch User Repository is 114,000 .