Something for the arch users on here: 'If you are an Arch user, you know – AUR (Arch User Repository) is a double-edged sword—it’s incredibly useful but requires caution. Unfortunately, that caution was warranted yet again this week when three AUR packages were found to contain malware. The issue came to light on July 16 when a user uploaded a malicious package, librewolf-fix-bin, to the AUR. Within hours, two more packages—firefox-patch-bin and zen-browser-patched-bin—followed, all traced back to the same bad actor. Security researchers quickly identified the threat: a Remote Access Trojan (RAT) hidden in a script pulled from a GitHub repository. For those unfamiliar, a RAT is no joke—it can grant attackers full control over an infected system, enabling them to steal data, install additional malware, or spy on users. Thankfully, the Arch Linux security team responded promptly as soon as they became aware of the issue. By July 18, all three malicious packages had been removed from AUR.' -- source: https://linuxiac.com/malware-discovered-in-arch-linux-aur-packages/ Cheers, Peter