400+ Arch Linux AUR Packages Deliver eBPF Rootkit and Infostealer
Attackers hijacked orphaned AUR packages to push malicious npm payloads. The rootkit hides processes at kernel level while the stealer exfiltrates developer credentials.
6 articles tagged with "Rootkit"
Attackers hijacked orphaned AUR packages to push malicious npm payloads. The rootkit hides processes at kernel level while the stealer exfiltrates developer credentials.
Attackers adopted orphaned AUR packages to push credential-stealing malware with kernel-level rootkit capabilities. Here's what Arch users need to do now.
McAfee discovered NoVoice malware hiding in 50+ Google Play apps, using 22 exploits to root devices and clone WhatsApp sessions. Factory reset won't remove it.
Updated CISA analysis reveals RESURGE implant uses advanced evasion techniques and can persist undetected on Ivanti Connect Secure devices until remote activation.
Singapore confirms China-linked APT compromised M1, Singtel, StarHub, and SIMBA using zero-day exploits and rootkits. 11-month Operation Cyber Guardian response disclosed.
Chinese APT uses stolen certificate to sign malicious driver that disables security tools. First documented case of TONESHELL delivered via kernel-mode loader.