Comment on The Arch Linux AUR had over 400 packages compromised with malware
f4f4f4f4f4f4f4f4@sopuli.xyz 3 weeks agoThis is the fourth? post I’ve read about it.
The AUR (Arch User Repository) consists of user-submitted content. It’s equivalent to installing game.exe from somewebsite.com, so not surprising that it would be used as malware vector. Some are suggesting Arch is being targeted due to rising popularity of the Arch-based CachyOS.
dil@piefed.zip 4 days ago
Have to use paru instead of pacman to grab from aur on cachyos too and it isn’t recommended, I think I only ever had blender from there since it worked better with my amd gpu than the official tar and the flatpak.