<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>AUR on HackingPassion.com : root@HackingPassion.com-[~]</title><link>https://hackingpassion.com/tags/aur/</link><description>Recent content in AUR on HackingPassion.com : root@HackingPassion.com-[~]</description><generator>Hugo</generator><language>en</language><lastBuildDate>Sat, 13 Jun 2026 12:46:22 +0200</lastBuildDate><atom:link href="https://hackingpassion.com/tags/aur/index.xml" rel="self" type="application/rss+xml"/><item><title>Hackers Hijacked 400 Arch Linux AUR Packages to Install Malware</title><link>https://hackingpassion.com/atomic-arch-aur-malware/</link><pubDate>Sat, 13 Jun 2026 12:46:22 +0200</pubDate><guid>https://hackingpassion.com/atomic-arch-aur-malware/</guid><description>&lt;p>More than 400 packages in the Arch User Repository (AUR) were hijacked this week, and the attacker never broke into a single system to do it. They took over packages whose makers had walked away, then let people install the malware during a routine update they had no reason to question. 🐧&lt;/p>
&lt;p>The AUR is the place where community members write and share the recipes for installing software that is not in the official Arch repositories. Publishing there is open to the community, and Arch based systems pull straight from it. That openness is one of the reasons people love Arch, and it is also why this played out the way it did. The official Arch repositories were never touched.&lt;/p></description></item></channel></rss>