The Hacker News

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked 400+ Arch Linux AUR packages to run a Rust credential stealer, with optional eBPF rootkit support on root systems.
Bleeping Computer

SonicWall releases SMA100 firmware update to wipe rootkit malware

SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. "SonicWall SMA 100 10.2.2.2-92sv build has been released ...
Bleeping Computer

Over 400 Arch Linux packages compromised to push rootkit, infostealer

More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. A report from the open-source intelligence ...
Ars Technica

Thousands of Linux systems infected by stealthy malware since 2021

Thousands of machines running Linux have been infected by a malware strain that’s notable for its stealth, the number of misconfigurations it can exploit, and the breadth of malicious activities it ...
CSOonline

PUMA creeps through Linux with a stealthy rootkit attack

A new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features. PUMAKIT, as called by the Elastic Security ...