A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge ...

In the beginning, North Korean hackers compromised the banking infrastructure running AIX, IBM’s proprietary version of Unix. Next, they hacked infrastructure running Windows. Now, the state-backed ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Attackers are wielding a novel Linux backdoor against the education and public sectors in the US and Asia that demonstrates particularly stealthy ways to avoid both detection and deletion from a ...

One of North Korea's most sophisticated threat groups has been hiding remote access malware for macOS and Linux inside of open source Python packages. North Korean advanced persistent threats (APTs) ...

Recent discoveries have unveiled two new malware strains, WolfsBane and FireWood, targeting Linux systems. These advanced tools have been attributed by ESET to the notorious Gelsemium Advanced ...

Chinese hackers have built new all-in-one malware to target Linux devices, a new report from cybersecurity researchers ESET, have said. The WolfsBane malware features a dropper, launcher, a backdoor, ...

A botnet targeting Internet of Things devices running on the Linux operating system works by brute forcing credentials and downloading cryptomining software. See Also: Cracking the Code: Securing ...

DripDropper exploits an old server security hole. After infection, DripDropper patches the hole itself. Simple patch discipline could have stopped the exploit. Get more in-depth ZDNET tech coverage: ...

Original story: Security researchers have uncovered rare malware that can infect a Linux machine’s boot process, making it harder to detect and remove. The malware is known as a bootkit, which is ...