3 matches found
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github.com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, bu...
Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability
A zero-day flaw in the latest version of a WordPress premium plugin known as WPGateway is being actively exploited in the wild, potentially allowing malicious actors to completely take over affected sites. Tracked as CVE-2022-3180 CVSS score: 9.8, the issue is being weaponized to add a malicious...
New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new...