⚠️ Beware of ShellBot malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform DDoS attacks & exfiltrate data.

Learn more: https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html

New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges.

Learn how it affects major #Linux distributions: https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html

New #Linux Kernel Exploitation Technique Unveiled: SLUBStick

This technique could elevate limited heap vulnerabilities to arbitrary memory read-and-write capabilities, threatening system security.

Researchers have shown SLUBStick can successfully bypass defenses like KASLR with a 99% success rate.

Read: https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html

A new #ransomware variant, Cicada3301, is making headlines for its advanced tactics and SMB focus. Cicada3301 not only targets Windows and #Linux/ESXi systems but also embeds compromised user credentials for further exploitation.

https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html

Earth Lusca's KTLVdoor malware targets Windows & #Linux, enabling file manipulation and remote scanning via 50+ command-and-control servers, likely shared with other threat actors.

Learn more: https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html

Google has just launched a Password Manager PIN feature that allows users to sync passkeys seamlessly across Windows, macOS, #Linux, ChromeOS, and Android.

Learn more: https://thehackernews.com/2024/09/chrome-users-can-now-sync-passkeys.html

Developers, beware! Poisoned Python packages are being used by North Korean attackers to spread PondRAT malware, compromising both #Linux and macOS systems.

Learn more: https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html

A new variant of the Helldown ransomware is now targeting #Linux and virtualized infrastructures via VMware, broadening its attack surface to industries like #healthcare, manufacturing, and IT services.
With evolving tactics, this marks a major shift in ransomware strategies, now focusing on virtual machines and cloud-based infrastructures.

Learn how Helldown is evolving — https://thehackernews.com/2024/11/new-helldown-ransomware-expands-attacks.html

🚨 New China-linked APT Gelsemium targets #Linux—The notorious group has launched a new Linux backdoor, WolfsBane, alongside another malware tool called FireWood, raising cybersecurity alarms.

WolfsBane and FireWood are targeting East & Southeast Asia, exploiting unknown vulnerabilities to steal sensitive data.

Read: https://thehackernews.com/2024/11/chinese-apt-gelsemium-targets-linux.html

🚨 New Malware Alert: PUMAKIT, a #Linux rootkit, employs advanced stealth tactics to evade detection and escalate privileges.

It’s not just hiding files—it’s altering core system behavior while remaining invisible to system tools.

Learn how PUMAKIT operates 👉 https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html