A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems.
It’s a sandbox in the sense that it is a box to keep the sand in one place under normal circumstances. It was never intended to completely prevent sand from being ejected by an unruly child inside of it. Or perfectly keep outside toys from being brought into it if someone tries to do that.