Attackers hijacked 1,500 Arch Linux packages

Attackers seized over 1,500 packages in the Arch User Repository by adopting orphaned packages and rewriting build instructions to install a credential stealer. No accounts were compromised. Arch froze new registrations while cleaning up. Official repos were unaffected.