The Unknown Universe1h ago
๐Ÿšจ Atomic Arch: AUR Malware Audit Tool

The recent "Atomic Arch" campaign compromised over 1,500 AUR packages. If you synced using yay or paru between June 10-12, you might have pulled a Trojan targeting your SSH keys and API tokens.

Iโ€™ve built a privacy-focused audit tool to help you check your system.

โœ… Privacy First: All processing happens locally in your browser.
โœ… Live Data: Fetches the threat list directly from Arch security servers.
โœ… No Trackers: Just the tool and the data you need.

Audit your system here:
https://the.unknown-universe.co.uk/privacy-security/atomic-arch-audit-tool/

Stay paranoid.

#ArchLinux #AUR #Linux #CyberSecurity #AtomicArch #FOSS #Privacy #InfoSec
Atomic Arch AUR Audit Tool

Audit Arch Linux systems for AUR malware. Compare installed packages against the live Atomic Arch threat list locally in the browser. Privacy-focused tool.

The Unknown Universe
n_to21h ago

Ja, huch - und wie findet man jetzt am besten raus, ob man betroffen ist?

https://borncity.com/blog/2026/06/12/400-arch-linux-aur-pakete-in-lieferkettenangriff-kompromittiert/

UPDATE: Hier gibt es ein Skript zum prรผfen der installierten Pakete: https://www.reddit.com/r/linux/comments/1u3alhe/roughly_400_aur_packages_compromised/ (Danke @phillo !)

#arch #AtomicArch #AUR #security

400+ Arch Linux AUR Pakete in Lieferkettenangriff kompromittiert

Jetzt ist es passiert, es gab einen Lieferkettenangriff auf Arch Linux AUR Pakete. Mehr als 400 dieser Arch User Repository (AUR) Pakete wurden kompromittiert und enthalten einen Infostealer.

Borns IT- und Windows-Blog
TROM1d ago

Many AUR packages have been compromised - forum.tromjaro.com/t/many-aur-โ€ฆ

We explain how to check if you were infected.

#aur #aurexploit #linux #xfce #tromjaro #manjaro #foss #opensource #atomicarch

Many AUR packages have been compromised

You can read the entire thing here - Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit But basically it seems that hundreds of AUR packages that were not maintained in a while got โ€œupdatedโ€ with a malicious code. The motive? To steal your data. Chromium based browsers were targeted. We use Firefox for TROMjaro, so all fine. Electron Based applications - could be Element or others - plus SSH keys, known_hosts, and shell histories. Read that article for more details...

TROMjaro Forum
Taffer ๐Ÿ‡จ๐Ÿ‡ฆ1d ago

Anybody got a scanner or something for the Atomic Arch malware campaign?

#arch #ArchLinux #malware #AtomicArch

Hackread.com1d ago

๐Ÿ“ฃ๐Ÿšจ Over 20 Linux packages were compromised in the #AtomicArch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.

Read: https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/

#CyberSecurity #Linux #Malware #SupplyChainAttack

Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware

Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.

Hackread - Cybersecurity News, Data Breaches, AI and More