Tag

Arch Linux

All articles tagged with #arch linux

technology26 days ago

Arch Linux AUR Grapples With Second Wave of Obfuscated Malware

A day after Arch Linux AUR’s initial malware incident, a second wave of more sophisticated, obfuscated malware hit user-supplied packages (including Node.js, Plasma 6 applets, Firefox, Aura browser, LibreWolf extensions, and a NeoVim plug‑in). Reported by a821 and later by Nicolas Boichat, the affected packages were addressed, but experts warn that AUR security safeguards may need strengthening or a temporary shutdown until verification improves.

Arch AUR Breach Hits 400+ Packages with Rootkit and Credential Stealer
technology27 days ago

Arch AUR Breach Hits 400+ Packages with Rootkit and Credential Stealer

Over 400 Arch User Repository packages were compromised after a spoofed maintainer injected malicious post-install steps that install a rogue npm package (atomic-lockfile) containing a Linux ELF with an eBPF rootkit and credential-stealing capabilities. The malware targets developer data and tokens across tools like Slack, Teams, Discord, GitHub, Vault, and SSH, and can exfiltrate data via HTTP. Researchers from IFIN and Sonatype describe two attack methods: hijacking orphaned PKGBUILD files to run npm post-install, and abusing a trusted maintainer identity to push malicious commits. Arch is removing the malicious commits and banning accounts; affected users should review indicators of compromise, rotate credentials, and consider reinstalling Arch if compromised.

Arch AUR Supply-Chain Breach Hits 400+ Packages with Credential Stealer and eBPF Rootkit
technology28 days ago

Arch AUR Supply-Chain Breach Hits 400+ Packages with Credential Stealer and eBPF Rootkit

A supply-chain attack hijacked more than 400 Arch Linux AUR packages by modifying their build scripts to install a Rust-based credential stealer that can also load an eBPF rootkit when run with root; the attackers targeted abandoned packages to exploit trust, persisted via systemd, and used Tor for C2, prompting users to audit builds, rotate credentials, and thoroughly clean systems rather than assuming safety from package managers.

technology29 days ago

Malware Hits Arch Linux AUR, More Than 400 Packages Compromised

A large-scale malware campaign targeted Arch Linux's AUR, compromising over 400 user-submitted packages. Arch maintainers are actively resetting and deleting the malicious content and banning affected accounts; officials say the impact is limited to AUR and does not affect Arch's official packages, with discussions on mailing lists and CachyOS forums detailing the incidents.

Public PoC Reveals PinTheft Arch Linux Root Privilege Flaw
technology1 month ago

Public PoC Reveals PinTheft Arch Linux Root Privilege Flaw

A publicly released PoC demonstrates PinTheft, a Linux local privilege escalation in the RDS zerocopy path that can yield root on Arch Linux by pinning user pages and stealing FOLL_PIN references through io_uring fixed buffers; exploitation requires the RDS module to be loaded (default on Arch among common distros), io_uring enabled, a readable SUID-root binary, and x86_64 support, which limits its practical attack surface. Users should patch with the latest kernel, and as a mitigation can unload the RDS modules and disable them via modprobe.d (install rds /bin/false and install rds_tcp /bin/false) until patches are deployed.

Three months on Linux, Windows fades into the background
tech2 months ago

Three months on Linux, Windows fades into the background

After switching his desktop to CachyOS (an Arch-based rolling release) in January, Nathan Edwards uses Linux as his main computer and has booted Windows only twice. The ride has been calmer and more robust than expected, with occasional hardware quirks (a webcam mic glitch, ethernet wake issues, a printer headache) that he fixes through Snapper snapshots, manual partition tweaks, and driver tweaks. He’s embraced open-source tools (Zen browser, Spotify launcher, ZMK Studio) and the Unix philosophy of modular software, while still keeping Windows on his laptop for work. He plans to keep Linux as his desktop daily driver going forward.

Playnix: The 3D-Printed PC Console Signals Gaming’s Hybrid Future
gadgets2 months ago

Playnix: The 3D-Printed PC Console Signals Gaming’s Hybrid Future

A 12.6x9.7-inch 3D-printed Playnix Console packs a full PC (Ryzen 5 5500, RX 9060 XT, 16GB RAM, 512GB) into a compact shell, runs Arch Linux with EmuDeck, and can upscale to 4K/60fps via AMD's FSR Redstone. Priced at $1,140, it's pitched as a glimpse of the future where consoles and PCs converge, with hints of hardware upgrades and OS features (Xbox Mode) shaping the next generation.

Arch Linux Discontinues Pascal GPU Support, Prompting Manual Driver Installations
technology6 months ago

Arch Linux Discontinues Pascal GPU Support, Prompting Manual Driver Installations

NVIDIA has discontinued support for Pascal GPUs on Linux, causing issues for users on Arch Linux who face driver failures after updates. The workaround involves using a legacy driver from the AUR, maintained by CachyOS, but this can break Steam and requires additional hacks. The situation highlights challenges in supporting older hardware on Linux.