On the 16th of July, at around 8pm UTC+2, a malicious AUR package was uploaded to the AUR. Two other malicious packages were uploaded by the same user a few hours later. These packages were installing a script coming from the same GitHub repository that was identified as a Remote Access Trojan (RAT). The affected malicious packages are: - librewolf-fix-bin - firefox-patch-bin - zen-browser-patched-bin The Arch Linux team addressed the issue as soon as they became aware of the situation. As of...