Malicious packages uploaded to the Arch Linux AUR

The Arch Linux project has sent out anadvisory warning that a set of malicious packages, containing a remoteaccess trojan, were uploaded to the Arch User Repository (AUR). Theaffected packages were librewolf-fix-bin, firefox-patch-bin, andzen-browser-patched-bin. "We strongly encourage users that may haveinstalled one of these packages to remove them from their system and totake the necessary measures in order to ensure they were notcompromised."