National Cyber Warfare Foundation (NCWF)

400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
0 user ratings		2026-06-12 19:36:09
milo
Attacks
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them.

The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux's community package collection, and it is separate



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/06/400-arch-linux-aur-packages-hijacked-to.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Attacks


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.