A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
you only need to check your 3 or 4 packages to see if they were installed/updated during a certain date range.
Considering I haven’t been home since the 6th of June, I assume I probably couldn’t have been infected. But I will still do a thorough check when I get home next week.