Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Affected Packages

Written by Michael Larabel in Arch Linux on 12 June 2026 at 08:55 PM EDT. 41 Comments

The day started out with Arch Linux's AUR user-contributed repository seeing more than 400 packages compromised with malware. Now in ending out the day they believe all affected commits have been addressed. But it ended up being more than 1,500 affected packages.

It was bad enough when finding out more than 400 AUR packages for Arch Linux users had been infected with malware but now that number has risen to around 900 a few hours ago and now in the end at more than 1,500 user-contributed packages.

In an update a few hours ago, it was believed around 900 packages were infected by malware in this week's incident.

Then as of writing now, the last message in the thread over this security incident is noting that Arch Linux developers have deleted all the malicious commits they are aware of. Cited was this list that puts the number of malware-affected packages at 1,579! Tons of software in this user-maintained Arch Linux user repository were impacted by this nasty security incident.

Even at 1,579 packages listed, that final updated noted, it's a "list containing many (but not all) of the affected packages". Ouch.