Arch Linux AUR hit by malware wave, new registrations suspended

Arch Linux has suspended new user registrations for the AUR (Arch User Repository) due to ongoing malicious code injections and vandalism. Over 400 software packages were infected and distributing trojans, prompting administrators to urgently clean up malicious commits and accounts. Attackers bypassed initial selective filters by replacing npm with bun and obfuscating their code calls.