A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
Forenote: image text unrelated, but somewhat relevant.
Me, not updating my system in many months due to a box of various issues:
~7Mbps shared internet, Arch expecting regular updates (and me not setting up the timer stuff to prevent those issues), and most recently before this my 1050Ti becoming legacy and Arch moving the legacy driver onto the AUR (I updated stuff from the AUR even less, so this is a blocker for me).
I probably need a new distro at this point, but not convinced by any. In any case an AMD GPU would also help, but also probably not happening on my terms either.