I found another AUR package that is infected it uses "npm install atomic-lockfile", also the package is 4 hours young. (first commit)
https://aur.archlinux.org/cgit/aur.git/commit/?h=exodus-wallet-bin&id=d5b08e944f2655f501345812acac89fbbd870421 exodus-wallet-bin On Thu, Jun 11, 2026 at 9:17 PM Rafał Lichwała <[email protected]> wrote: > apm_planner-bin > > > https://aur.archlinux.org/cgit/aur.git/commit/?h=apm_planner-bin&id=b569c6a6e1c2b6db70327b347f7d23af99a9ca9f > > cmuclmtk > > > https://aur.archlinux.org/cgit/aur.git/commit/?h=cmuclmtk&id=cb8ca0793547ccb96050c944a7eba92ee31c57d8 > > anythingllm-appimage > > > https://aur.archlinux.org/cgit/aur.git/commit/?h=anythingllm-appimage&id=3a9a95f8b3f814b7bb82f44d1d388ddf3a6ac7d4 > > > On 6/11/26 19:47, Jonathan Grotelüschen wrote: > > Hi everyone, > > > > we’re working hard to reset/delete all malicious commits and ban the > > accounts. > > > > If you find more malicious packages, please **send them as a reply to > > this email** to keep them all in one thread. > > > > Thanks! > > > > -- > > tippfehlr >
