Linux has had its share of malware. Here are some of the scariest incidents.
As I've grown more comfortable with Linux, I've discovered alternative methods of installing apps. Sometimes, they're better ...
The CachyOS team has released the June 2026 ISO, delivering another feature-packed update for its Arch Linux-based ...
One of the largest open-source package repositories just spent a weekend cleaning up after a malware campaign that did not break into anything. It did not need to. Attackers seized control of more ...
Arch Linux on Monday announced that it has suspended new account registrations on the Arch User Repository (AUR) in response to a wave of malicious packages being published as part of an ongoing ...
The Arch User Repository lets community members adopt orphaned packages: legitimate projects abandoned by their original maintainers. That process is the entry point for this AUR supply chain attack.
Update - 18:55 UTC - The Arch Linux team put up an official announcement now: We are currently experiencing a high volume of malicious package adoptions and updates in the Arch User Repository. We are ...
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. A report from the open-source intelligence ...
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a ...
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat ...
Another Linux kernel flaw has handed local unprivileged users a way to peek at files they should never be able to read, including root-only secrets such as SSH keys. The bug affects multiple LTS ...