Hi,
about half an hour ago, I've been notified that package rgain3 has been
tampered with as well:
https://aur.archlinux.org/cgit/aur.git/commit/?h=rgain3&id=985c80c6827c842ed8a1396f860bdf0007a539cc
Malicious user account is: istvanilles
The attack has shifted to trying to install packages `axios` and
`js-digest` via `bun`.
On 11.6.2026 19:47, Jonathan Grotelüschen wrote:
Hi everyone,
we’re working hard to reset/delete all malicious commits and ban the
accounts.
If you find more malicious packages, please **send them as a reply to
this email** to keep them all in one thread.
Thanks!
--
tippfehlr