Things As They AreThere's been a major compromise of many packages in the Arch User Repository (AUR). Malware that harvests credentials has been discovered.
Discussion here: https://lists.archlinux.org/archives/list/[email protected]/thread/FGXPCB3ZVCJIV7FX323SBAX2JHYB7ZS4/
Stay safe out there.
Natalie