> TritonInfoSec News
Home / Jun 13, 2026 / Story
0
#2 The Hacker News general June 12, 2026 at 19:33 UTC

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

By [email protected] (The Hacker News)

AI Summary

Attackers compromised over 400 Arch User Repository (AUR) packages this week, rewriting build scripts to drop a Rust-based credential stealer targeting developer secrets such as API keys and access tokens. When executed with root privileges, the malware also loads an eBPF rootkit to evade detection. Any Arch Linux developer who built AUR packages this week should audit their systems immediately for compromise.

Read full article → https://thehackernews.com/2026/06/over-400-arch-li…

Relevance score: 93.0/100

# More from June 13

  1. 1
    Oracle mitigates PeopleSoft zero-day exploited in data theft attacks BleepingComputer
  2. 3
    China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade The Hacker News
  3. 4
    Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing The Hacker News
  4. 5
    Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs The Hacker News
  5. 6
    CISA orders feds to patch actively exploited Ivanti flaw by Sunday BleepingComputer
  6. 7
    INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator The Hacker News
  7. 8
    Tchap data breach affects over 73,000 French govt employees BleepingComputer
  8. 9
    The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm The Hacker News
  9. 10
    ‘GreatXML’ Zero-Day Exploit Bypasses BitLocker SecurityWeek