507 matches found
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux implant codenamed Quasar Linux RAT QLNX is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and...
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
TrendAI™ Research breaks down Quasar Linux QLNX, a previously undocumented sophisticated Linux RAT with low detection rates. In this blog, we examine a full-featured Linux threat incorporating a rootkit, a PAM backdoor, credential harvesting, and more, revealing how this malware enables stealthy...
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve...
Space Bears Ransomware Claims Comcast Data Theft Through Quasar Breach
Space Bears ransowmare claims it obtained Comcast files through a breach at Quasar Inc, with threats to publish the data and separate leaks promised from Quasar itself...
EUVD-2025-179185
Malicious code in elara-triton-quasar-async npm...
Malicious code in sirius-registry-webpack-quasar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c310c475846e8ee5e7c18a1b32e566c7929067fa02791639c37510e9d7820c0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177699
Malicious code in native-quasar-middleware-cz-conventional-changelog npm...
EUVD-2025-176203
Malicious code in stop-cressida-prompts-quasar npm...
EUVD-2025-179782
Malicious code in chalk-paleontology-quasar-taurus npm...
EUVD-2025-176842
Malicious code in quasar-promise-kaus-quito npm...
Malicious code in nuxtjs-heka-google-quasar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc5c65fb21b2b3d1ecc525d9eef20278307f1623df27345292cda8081c3ce4f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177131
Malicious code in playwright-quasar-tachyon-thuban npm...
EUVD-2025-176844
Malicious code in quasar-helmet-metabolomics-node-config npm...
EUVD-2025-177510
Malicious code in nuxtjs-heka-google-quasar npm...
EUVD-2025-175414
Malicious code in zephyr-eris-spinner-quasar npm...
EUVD-2025-179122
Malicious code in entanglement-levels-leda-quasar npm...
EUVD-2025-179816
Malicious code in centaurus-quasar-module-rimraf npm...
EUVD-2025-177110
Malicious code in polaris-parcel-ora-quasar npm...
EUVD-2025-177169
Malicious code in pino-pretty-phenomic-quasar-meteor npm...
EUVD-2025-177964
Malicious code in mantle-asteroid-charon-quasar npm...