ESET researchers uncover "WolfsBane," a Linux backdoor linked to the China-based Gelsemium group. This is Gelsemium's first known Linux malware—hinting at a change in attack strategies. ESET ...

A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, ...

Researchers found a Linux malware called QLNX that combines P2P networking, rootkits, PAM backdoors, and fileless execution ...

Dubbed Quasar Linux (QLNX), the RAT has a modular architecture, uses multiple persistence and detection evasion mechanisms, ...

Quasar Linux (QLNX) is not an operating system, but a supply chain attack tool that is difficult to detect and remove.

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...

Between May 6 and 7, it was dangerous to install JDownloader from alternative links on the site.

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...

A new Linux GoGra backdoor abuses Outlook via Microsoft Graph API for stealthy C2, targeting telecom, government, and IT sectors.

Researchers at Trend Micro have identified a frightening new Linux rootkit, dubbed Quasar Linux (QLNX,) and developers should be especially concerned. Per the report (which we spotted through Bleeping ...

The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named 'Bootkitty,' ...

A new malware strain, ELF/Sshdinjector.A!tr, has been linked to the DaggerFly espionage group and used in the Lunar Peek campaign to target Linux-based network appliances. Its primary function is data ...