diff --git a/detection/c2/unexpected-talkers-linux.sql b/detection/c2/unexpected-talkers-linux.sql
index e8bc213..3cc96ba 100644
--- a/detection/c2/unexpected-talkers-linux.sql
+++ b/detection/c2/unexpected-talkers-linux.sql
@@ -96,7 +96,7 @@ WHERE
 '80,6,0,/usr/NetworkManager,0u,0g,NetworkManager',
 '80,6,0,/usr/packagekitd,0u,0g,packagekitd',
 '80,6,0,/usr/pacman,0u,0g,pacman',
- '80,6,500,/usr/pacman,0u,0g,pacman',
+ '80,6,0,/usr/python3.10,0u,0g,dnf',
 '80,6,0,/usr/python3.10,0u,0g,yum',
 '80,6,0,/usr/tailscaled,0u,0g,tailscaled',
 '80,6,0,/usr/.tailscaled-wrapped,0u,0g,.tailscaled-wra',
@@ -108,6 +108,7 @@ WHERE
 '80,6,500,/usr/curl,0u,0g,curl',
 '80,6,500,/usr/firefox,0u,0g,firefox',
 '80,6,500,/usr/firefox,0u,0g,.firefox-wrappe',
+ '80,6,500,/usr/pacman,0u,0g,pacman',
 '8080,6,500,/opt/chrome,0u,0g,chrome',
 '8080,6,500,/usr/firefox,0u,0g,firefox',
 '8443,6,500,/opt/chrome,0u,0g,chrome',
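Review bot: The added exception `'80,6,0,/usr/python3.10,0u,0g,dnf'` in the first hunk keys on the interpreter path and the process name rather than on the dnf program itself, so it appears to exclude any root-owned python3.10 process on port 80 that reports the name `dnf`; the neighbouring `yum` entry has the same shape. The Python minor version is also pinned in the string, so hosts where dnf runs under a different interpreter version would presumably still alert. I would add a comment above the entry such as `-- dnf is a python script: entry matches interpreter path + process name only; revisit when the python version changes`, and, if the query exposes the command line, consider matching on it for interpreter-hosted tools. The exception list starts and ends outside the hunk, so how the key string is built is not visible here.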