15 jun 2026

Arch Linux locks down AUR signups amid wave of malicious commits

1 outlet4hbroke the register 13:30

A wave of malicious commits hit the Arch User Repository (AUR) over the weekend, prompting the team to disable new account registration on Monday morning while it cleans up the mess. The issue was first acknowledged on June 12, with a post stating: "We are currently experiencing a high volume of malicious package adoptions and updates in the Arch User Repository." The team warned that users might have issues opening new accounts, pushing package updates, and adopting or creating fresh packages.

read at the register

sitrep links out to every source. metadata only, no article text is stored here.