A sophisticated cyberattack targeting Arch Linux users was discovered on July 16, 2025, when malicious actors uploaded three compromised browser packages to the Arch User Repository (AUR).
The packages, disguised as legitimate Firefox and browser variants, contained Remote Access Trojan (RAT) malware that could...