Over 400 AUR Packages Hijacked in Supply Chain Attack

Attackers hijacked over 400 Arch User Repository packages by adopting orphaned projects and rewriting build scripts to install a Rust credential stealer. The malware can load an eBPF rootkit if run with root privileges. The official Arch repositories were not affected. Users who installed or updated AUR packages on or after June 11 should check affected-package lists.