Over 400 AUR Packages Compromised with Rootkit and Infostealer Targeting Developers

Over 400 packages in the Arch User Repository (AUR) were compromised to distribute a rootkit and an infostealer targeting developers' credentials. The malicious packages specifically aimed at extracting sensitive authentication details. No specific dates, CVE IDs, or technical details about the rootkit or infostealer were provided in the report. The attack leveraged the AUR, a community-driven repository for Arch Linux users. The impact includes potential unauthorized access to developer accounts and systems. No attribution or timeline for the compromise was disclosed.