Technology⚠ unverified · 20%

A supply chain attack on the Arch User Repository (AUR) compromised over 400 packages by injecting malicious build scripts to deploy credential-stealing malware. Identified around June 11, 2026, attac

Name: A supply chain attack on the Arch User Repository (AUR) compromised over 400 packages by injecting malicious build scripts to deploy credential-stealing malware. Identified around June 11, 2026, attac
Start: 2026-06-15T13:35:51.473287Z

Machine-generated label — not the source headline.

Unverified, machine-classified. This event was auto-detected from a single BLUESKY news source. The title is a machine-generated label — not the article’s headline — and may not reflect the source. Open the source to confirm; treat as a developing signal until verified.

When: 2026-06-15 13:35 UTC
Where: Location unknown
Category: cyber · supply_chain_attack

A supply chain attack on the Arch User Repository (AUR) compromised over 400 packages by injecting malicious build scripts to deploy credential-stealing malware. Identified around June 11, 2026, attackers targeted orphaned packages, modifying PKGBUILD scripts to install rogue npm packages.

Sources

Bluesky ↗ · first seen 2026-06-15 13:35 UTC

Defaxon links out to the original reporting and never republishes article text.

Correlated events

Computed by the Defaxon correlation engine — linked by shared actors, co-location, and temporal proximity. Scored hypotheses, never causal claims.

← Back to the live map