A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
So, I’m totally fine because I always manually install from the AUR? This is more of a problem for people using those AUR helpers that make a package manager out of it, right?
I don’t think it matters how you installed infected AUR packages.
No. If it came from AUR, it doesnt matter the method you used. You should check all the AUR apps you recently updated (from 9th to 12th June), and compare it to the lists. Only AUR though… Arch official repos are not affected by it.