To Make Things Easier, CachyOS Created a RUST-Based GUI Package Manager

There are a couple of graphical package managers for Arch-based distros, but CachyOS created a new one in Rust.

Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Affected Packages

The day started out with Arch Linux's AUR user-contributed repository seeing more than 400 packages compromised with malware

Before you continue

400+ AUR Packages Compromised with Infostealer and Rootkit

Last Updated: 2026-06-12T04:22:42Z (UTC) What’s Happening It appears an AUR package maintainer’s account (arojas) was compromised. The maintainer’s account had write access to over 400 package repos. The compromise was reported and other AUR maintainers have been working to remove the infected packages. The affected packages were modified with preinstall scripts to use npm to install the atomic-lockfile package, a malicious payload. Here’s an example of the change: This blog has a deep d...

Ruby Fights Supply-Chain Attacks With Filter Offering 'Cooldown' Before Installing New Packages - Slashdot

Most supply-chain attacks using Ruby's package hosting site "exploit a narrow window," according to a new blog post form Ruby core maintainer Hiroshi Shibata. So its packaging-managing Bundler tool now offers a filter that blocks new version until it's been public "for at least N days. Releases t...

replacements.fyi - performant, safer npm package alternatives

Find more performant and safer replacements for outdated or unnecessary npm packages.

Chris's Wiki :: blog/python/EmailPackagesNotes