US EditionArch user-contributed browsers compromised
5 Articles
5 Articles
They use open source Chaos RAT to infect different Arch Linux machines in Firefox, LibreWolf and Zen packages, but also affect Windows.
Well, here I'm not going to go by four paths: if you've installed some packages on the AUR (Arch User Repository) in the last few days, you may have a RAT (Remote Access Trojan) that's quiet on your machine on Arch Linux. And believe me, that's not the kind of roommate you want to keep. On July 16, 2025, a user answering the sweet name of "danikpapas" (account now banished, obviously) managed to post malware on the AUR. These craps stayed online…
Hackers Injected Malicious Firefox Packages in Arch Linux Repo
Cybersecurity researchers have identified a sophisticated supply chain attack targeting Arch Linux users through malicious packages designed to masquerade as Firefox browser variants. Three compromised packages containing Remote Access Trojan (RAT) malware were successfully uploaded to the Arch User Repository (AUR) on July 16, 2025, before being detected and removed by the Arch Linux security […] The post Hackers Injected Malicious Firefox Pack…
Arch Linux users need to remove and reinstall Firefox, LibreWolf, and Zen web browsers because a malicious version carrying a remote access trojan has appeared in the AUR. Affected users are advised to take immediate action to ensure safety.
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
