Attackers from the Atomic Arch campaign infiltrate over 1,500 orphaned AUR packages with eBPF-based rootkits for credential theft, prompting Arch Linux to halt new account registrations.
A China-linked hacker group infiltrated fundamental Linux authentication systems PAM and OpenSSH over many years, evading conventional detection methods.