Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Submission Preview

Link to Story

More malware uploaded to Arch Linux AUR

Accepted submission by Anonymous Coward at 2025-08-06 02:15:51
Security

An Anonymous Coward writes:

Linuxiac reports [linuxiac.com] that another malicious package has been uploaded to the Arch User Repository (AUR). This time around the package was google-chrome-stable, which installed a remote-access trojan along with Google Chrome.

        The good news—if you can call it that—is that the google-chrome-stable package was available on the AUR only for a few hours before the malware hidden inside was discovered. Still, it did get a few upvotes, which suggests at least some users ended up installing it.

The Arch Linux project had to warn users about a similar attack less than a month ago [lwn.net] when a user uploaded three browser packages that also installed a malicious script identified as a remote-access trojan.

::: https://lwn.net/Articles/1032193/ [lwn.net]

Original Submission