Active AUR malicious packages incident
archlinux.orgProbably this is easier to understand although not the primary source: https://lwn.net/Articles/1077718/
Probably this is easier to understand although not the primary source: https://lwn.net/Articles/1077718/