A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
Arch usually doesn’t re-package Python packages that aren’t needed for something else, meaning they end up in the AUR. I maintain several there, and when I stop using them I abandon them. I wouldn’t be surprised if some of the ones I used to maintain are on the list.