Arch Linux
Coverage of Arch Linux in the Nexus archive.
- Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Packages
Arch Linux has stated that a malware incident affecting more than 1,500 packages is now under control. The incident involved compromised packages in the Arch User Repository (AUR).
- 400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
Attackers hijacked over 400 packages in the Arch User Repository (AUR) to install a Rust-based credential stealer that harvests developer secrets. The malware can load an eBPF rootkit to hide itself when executed with root privileges. The AUR is a community-maintained package collection separate from Arch Linux's official repository.
- Exploit released for new PinTheft Arch Linux root escalation flaw
A proof-of-concept exploit has been released for the PinTheft Linux privilege escalation vulnerability, allowing local attackers to gain root privileges on Arch Linux systems. The vulnerability was recently patched. This exploit allows attackers to escalate their privileges.
- Arch Linux Now Has a Bit-for-Bit Reproducible Docker Image
Arch Linux has introduced a new Docker image that is bit-for-bit reproducible, ensuring consistent builds across different environments. This update addresses a key need for developers requiring verifiable and deterministic package builds.