A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
It’s at the bottom of the doc:
```bash
echo "Checking for infected AUR packages (${#INFECTED_PKGS[@]} total)..."
echo
found=()
for pkg in "${INFECTED_PKGS[@]}"; do
    if pacman -Qi "$pkg" &>/dev/null; then
        found+=("$pkg")
    fi
done
if [[ ${#found[@]} -eq 0 ]]; then
    echo "Clean: none of the known infected packages are installed."
else
    echo "WARNING: ${#found[@]} infected package(s) found:"
    for pkg in "${found[@]}"; do
        echo " - $pkg"
    done
fi
```

Not sure why it uses -Qi instead of -Qm since there’s no point in scanning pacman packages, but I’m no expert.
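For comparison, a variant of the check restricted to foreign packages, which is what `pacman -Qm` reports. This is an added example, not part of the quoted doc or the comment above; the package names, the `INFECTED` variable and both function names are constructed placeholders.

```shell
#!/bin/sh
# Constructed placeholder names; substitute the advisory's INFECTED_PKGS list.
INFECTED="example-aur-pkg-a example-aur-pkg-b"

# match_infected NAME...: read installed package names on stdin (one per
# line, the format `pacman -Qmq` prints) and print those that exactly equal
# one of the NAME arguments. Exact comparison avoids substring hits such as
# "foo" matching "foo-git".
match_infected() {
    while IFS= read -r pkg; do
        for bad in "$@"; do
            if [ "$pkg" = "$bad" ]; then
                printf '%s\n' "$pkg"
                break
            fi
        done
    done
    return 0
}

# report_infected NAME...: same input, human-readable verdict.
# Returns 0 when clean, 1 when at least one listed package is installed.
report_infected() {
    hits=$(match_infected "$@")
    if [ -z "$hits" ]; then
        echo "Clean: no listed package among the foreign packages."
        return 0
    fi
    echo "WARNING: infected foreign package(s) found:"
    printf '%s\n' "$hits" | sed 's/^/ - /'
    return 1
}

# Live check, only where pacman exists. -Qm limits the query to foreign
# packages (not in any sync database, which includes AUR builds); -q prints
# names only.
if command -v pacman >/dev/null 2>&1; then
    # $INFECTED is intentionally unquoted so it splits into names.
    pacman -Qmq | report_infected $INFECTED || true
fi
```

A package removed after it ran its build script will not appear in either query, so a clean result only says the package is not installed now.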