-
The Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control (C2) traffic within Microsoft Outlook mailboxes, making it significantly harder to detect…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Gentlemen is a fast‑growing ransomware‑as‑a‑service (RaaS) operation now targeting Windows, Linux, NAS, BSD, and VMware ESXi with a new locker written in C for hypervisor environments. Its multi‑platform design and strong defense‑evasion features make …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A previously undocumented Linux backdoor attributed to China-linked threat group APT41 (Winnti) has been uncovered, targeting cloud workloads across AWS, GCP, Azure, and Alibaba Cloud. The ELF-based implant, currently showing zero detections on VirusTo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a public threat intelligence platform designed to alert developers and security teams about active …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A North Korea–nexus threat actor has hijacked the popular Axios NPM package in a high‑impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red Hat has issued an urgent security alert regarding a highly sophisticated supply chain attack targeting the popular xz compression utility. Cybersecurity researchers discovered malicious code embedded within recent versions of the xz libra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VoidLink is a new Linux rootkit family that combines classic kernel modules with eBPF to hide processes and network activity deep inside modern cloud environments. It targets distributions from CentOS 7 up to Ubuntu 22.04, giving attackers a stealthy w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Wi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Qualys uncovers ‘CrackArmor’ vulnerabilities in AppArmor that could expose 12.6M Linux systems to root access and container escapes.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed set of nine vulnerabilities, dubbed “CrackArmor,” has exposed a critical flaw in AppArmor, a foundational Linux security module. AppArmor serves as the default mandatory access control system for Ubuntu, Debian, SUSE, and …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
