Security News

Linux wiper malware hidden in malicious Go modules on GitHub
2025-05-06 09:13

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. [...]

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
2025-05-03 14:31

Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and...

Watch out for any Linux malware sneakily evading syscall-watching antivirus
2025-04-29 18:51

Google dumped io_uring after $1M in bug bounties. A proof-of-concept program has been released to demonstrate a so-called monitoring "blind spot" in how some Linux antivirus and other endpoint...

Kali Linux warns of update failures after losing repo signing key
2025-04-28 16:37

Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. [...]

New Linux Rootkit
2025-04-24 19:35

Interesting: The company has released a working rootkit called “Curing” that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught...

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
2025-04-24 12:58

Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call...

Linux 'io_uring' security blindspot allows stealthy rootkit attacks
2025-04-24 12:00

A significant security gap in Linux runtime security caused by the 'io_uring' interface allows rootkits to operate undetected on systems while bypassing advanced enterprise security software. [...]

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
2025-04-19 15:11

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities....

Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
2025-04-18 07:10

Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and...

New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
2025-04-16 10:37

Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail...