three supply-chain compromises surfaced the same day: roughly 1,900 arch linux user-repository packages (~9% of the repo) were hijacked via orphaned-package adoption to inject a rootkit and credential stealer; the awesome motive cdn was backdoored, injecting malicious javascript into widely used wordpress plugins from the source; and north-korea-attributed actors minted and drained tokens worth about $36m from a blockchain identity service. the cluster shows the trusted distribution layer — repos and cdns — being attacked rather than individual sites.