Из ленты Phoronix — кратко, чтобы не потерять.
The day started out with Arch Linux’s AUR user-contributed repository seeing more than 400 packages compromised with malware. Now in ending out the day they believe all affected commits have been addressed. But it ended up being more than 1,500 affected packages…
Полный текст и контекст у первоисточника: https://www.phoronix.com/news/Arch-Linux-AUR-More-Than-1500