New stealthy Quasar Linux malware targets software developers

A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
CSO Online

New malware turns Linux systems into P2P attack networks

Researchers found a Linux malware called QLNX that combines P2P networking, rootkits, PAM backdoors, and fileless execution ...

QLNX: New Remote Access Trojan targets Linux developers

Quasar Linux (QLNX) is not an operating system, but a supply chain attack tool that is difficult to detect and remove.
The Hacker News

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...
SecurityWeek

Sophisticated Quasar Linux RAT Targets Software Developers

Dubbed Quasar Linux (QLNX), the RAT has a modular architecture, uses multiple persistence and detection evasion mechanisms, ...
The Hacker News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

ZiChatBot malware spread via 3 PyPI packages in July 2025 uses Zulip APIs as C2, enabling stealthy attacks across systems ...
HotHardware

New Quasar Linux Malware Is Stealing Developer Credentials with a Hidden Rootkit

Researchers at Trend Micro have identified a frightening new Linux rootkit, dubbed Quasar Linux (QLNX,) and developers should be especially concerned. Per the report (which we spotted through Bleeping ...
Ars Technica

North Korean hackers use newly discovered Linux malware to raid ATMs

In the beginning, North Korean hackers compromised the banking infrastructure running AIX, IBM’s proprietary version of Unix. Next, they hacked infrastructure running Windows. Now, the state-backed ...
Windows Report

Linux GoGra Backdoor Uses Outlook via Graph API for Stealthy Espionage

A new Linux GoGra backdoor abuses Outlook via Microsoft Graph API for stealthy C2, targeting telecom, government, and IT sectors.
Infosecurity-magazine.com

DaggerFly-Linked Linux Malware Targets Network Appliances

A new malware strain, ELF/Sshdinjector.A!tr, has been linked to the DaggerFly espionage group and used in the Lunar Peek campaign to target Linux-based network appliances. Its primary function is data ...